Re: MSN messenger service

[jbrahy () INSYNCMEDIA COM (John Brahy)]

Marty <marty () asgard aus tm> also pointed out that the file really isn't
deleted it is only "unlinked".

Masial wrote:
> Hi all, just a few toughts...
>
> Microsoft is assuming the following:
>
>  (a) get you to log onto Hotmail or MSN Messenger
>  (b) get you to leave your computer unattended
>  (c) do this with exactly the right timing in order to copy the file during
> the very short period that it exists.
>
> However, while (A) is obviously required, assuming that (B) and (C) are
> required for the breach to occur is a bit naive. As John mentioned, i could
> beef up a little VBScript file that does a little "while true" loop and nabs
> any .htm containg some string (say "hotmail.com"). That same cute vb script
> could then do something like open a TCP connection to the other little cute
> vbs running on my own machine to send him the cool info. I would then have
> it pop me the hotmail page and read -insert victim here-'s email and whats
> not.
>
> This is, as opposed to what MS says, very trivial. I could code this in
> about 15mins. Getting the file onto your victim wouldnt be very hard with a
> bit of creativity and once there it could behave somewhat like the Kak virus
> (replicates in system and adds itself to the run key, then appends your
> current signature files).
>
> Does anyone see something wrong with this?
>
> M.

--
+`'`'`'`'`'`'`'`'`'`'`'`'`'`'`''`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`+
| John Brahy                                  (310) 680-2268   |
| Director of Programming Services           Digital Services  |
| Insync.Media                      a Digital Fusion partner   |
| http://www.insyncmedia.com           jbrahy () insyncmedia com  |
+`'`'`'`'`'`'`'`'`'`'`'`'`'`'`''`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`+