Full Disclosure mailing list archives
Re: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Tue, 28 Sep 2004 15:01:27 -0400
Geo. wrote:
I could think of even worse places to put it. Of course, some companies would fall victim to this, but in an even remotely secured network domain, you'd probably have to compromise a domain admin's system and try to spread on shares via that login.far-fetched. Would it be possible to create a jpeg that would copyitself to other drives on a shared network in an auto-executable position? I suppose so... however, it would be noisy and probably wouldn't be amazingly successful.<< Picture a company full of users and a worm that copys the jpg file to \\machinename\c$\Documents and Settings\All Users\Desktop you think it might get a few clicks, especially if it had a harmeless yet tempting name like saturn.jpg Geo.
-Barryp.s. By making the inherent assumption here that admins would be less likely to get infected with this than average users and that the average network is even remotely secured, I'm probably (definately?) giving corporate networks more slack than they deserve. Referring to this attack vector as "wouldn't be amazingly successful" is probably wildly optimistic on my part.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 msgs milw0rm Inc. (Sep 28)
- Re: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 msgs DanB UK (Sep 28)
- Re: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 msgs Barry Fitzgerald (Sep 28)
- RE: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 Geo. (Sep 28)
- Re: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 Barry Fitzgerald (Sep 28)
- RE: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 Geo. (Sep 28)
- <Possible follow-ups>
- RE: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 msgs Todd Towles (Sep 29)
- Re: [Full-Disclosure] Re: Full-disclosure digest, Vol 1 #1933 - 20 msgs DanB UK (Sep 29)
- Message not available