Full Disclosure mailing list archives
Re: DLL hijacking with Autorun on a USB drive
From: Dan Kaminsky <dan () doxpara com>
Date: Fri, 27 Aug 2010 01:18:48 -0400
On Fri, Aug 27, 2010 at 1:06 AM, <paul.szabo () sydney edu au> wrote:
> Dan Kaminsky <dan () doxpara com> wrote:
>>> Badly setup desktops: do not "hide extensions", maybe view details (or list) not icons.
>> All that matters is defaults, and icons are way more powerful ...
> Those defaults are wrong, change them. Anyway, icons are shown with "view details".
I think you mean application types are shown with "view details". The problem is, there's a couple dozen application types that are all code execution equivalent by design. Do you know all of them? Why should a user?
>> The web browser and the email client are not designed to launch arbitrary code. The desktop ... is.
> This attack may happen through the browser (UNC paths or somesuch). Any talk about USB sticks or desktops is bogus.
There's no path between IE and a UNC window that doesn't either security prompt or raise an unadorned Explorer window to a remote share. I could see an argument that the latter should prompt, given that it's a (by definition) code execution context. But that's about it.