Full Disclosure mailing list archives

Re: .hta virus analysys

From: Gadi Evron <ge () egotistical reprehensible net>
Date: Thu, 20 Nov 2003 18:02:01 -0800

Jelmer wrote:

.hta files is a proprietary concept, and only works in conjunction with Internet Explorer (specifically version 5 and 
above). basicly its much like a .html except it has no security restrictions


If that's the case, there's only one thing not to do:
Do not enter websites that lead to you .hta files.

Some would even say use a better browser, but I wouldn't go that far.

--
      Gadi Evron,
      ge () linuxbox org.

The Trojan Horses Research mailing list - http://ecompute.org/th-list

My resume (Hebrew) - http://www.math.org.il/resume.rtf

PGP key for ge () linuxbox org -
http://vapid.reprehensible.net/~ge/Gadi_Evron.asc

Note: this key is used mainly for files and attachments, I sign emailmessages using:

http://vapid.reprehensible.net/~ge/Gadi_Evron_sign.asc


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: .hta virus analysys, (continued)
- - Re: .hta virus analysys Nick FitzGerald (Nov 19)
    - Re: .hta virus analysys madsaxon (Nov 19)
  - Re: .hta virus analysys Valdis . Kletnieks (Nov 19)
    - Re: .hta virus analysys listas (Nov 21)
  - Re: .hta virus analysys Maxime Ducharme (Nov 20)
    - Re: .hta virus analysys Scott Taylor (Nov 20)
    - Re: .hta virus analysys Gary Flynn (Nov 20)
    - Re: .hta virus analysys Jelmer (Nov 20)
    - Re: .hta virus analysys Nick FitzGerald (Nov 20)
- Re: .hta virus analysys Jelmer (Nov 20)
  - Re: .hta virus analysys Gadi Evron (Nov 20)
- Re: .hta virus analysys Feher Tamas (Nov 20)
- Re: .hta virus analysys http-equiv () excite com (Nov 21)