Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: another filename bypass vulnerability - from cmd.exe

From: 6ackpace <6ackpace () gmail com>
Date: Wed, 16 Nov 2005 18:04:02 +0530
It also work for windowsXp 2 and with other ext .
 i.e exe.txt.exe.pdf ......

 On 11/16/05, Aditya Deshmukh <aditya.deshmukh () online gateway strangled net>
wrote:


Was doing some testing [xfocus-AD-051115]

Ie Multiple antivirus failed to scan
malicous filename bypass vulnerability

The system is windows 2000 sp4 srp5 with
all other patches upto date.

At the command prompt cmd.exe execute
the following with the results.

I copy and paste from cmd.exe
-------------------------------------------------------------------

E:\TEMP>cd test

E:\TEMP\test>copy %windir%\system32\calc.exe
1 file(s) copied.

E:\TEMP\test>ren calc.exe calc.exe.zip

E:\TEMP\test>dir /b
calc.exe.zip

E:\TEMP\test>calc.exe.zip

E:\TEMP\test>
-------------------------------------------------------------------
This bring up the calc.exe on the screen.






________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com<http://www.mailtraq.com>
)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: