Vulnerability Development mailing list archives
password-protected zip files (was RE: Administrivia #8704)
From: Michael.Wojcik () MERANT COM (Michael Wojcik)
Date: Sun, 7 May 2000 11:34:07 -0700
-----Original Message----- From: Blue Boar [mailto:BlueBoar () THIEVCO COM] Sent: Saturday, May 06, 2000 1:19 PM
Moderation over the last couple days: In the last two days, I've received about 2000 emails... the vast majority of which were bounces, errors, and mail gateways with virus scanners informing me that I sent out a "virus". Yeah, thanks for the info. :) That means in the future, I will be trying to do a better job encapsulating bad code to avoid setting those off, for the sake of my mailbox. The zip with a password seemed pretty good... only a couple gateways refused to let in a zip that they couldn't open.
Ouch. How long before we have a worm packaged in a password-protected zip with the password in the message? Anyone want to bet that minimal social engineering won't have a zillion users falling for that? Sample message text: Here's the document you requested. Legal insists on making this "confidential" so it has to be in a password-protected ZIP file. Password is just your email ID (everything before the "@"). Implementation is left as an exercise for the moderately competent, unimaginative cracker. Of course, using a fixed password would be even easier; the variant password is just a bell and/or whistle. (Actually, the "you requested" bit is getting a bit tired. I recommend "Sorry this is so late... Following up on last week's phone call, here's my latest thoughts." That should be suitably vague. Also, let's cut down on the multiple copies per recipient - a dead giveaway for anyone with two neurons to rub together - by only sending the messages to, say, 10 randomly-chosen recipients in each address list. Not that I'm advocating doing this, of course. Every time something like this happens, I get half a dozen 500 KB messages from the rocket scientists in my IT department telling me about it.) Michael Wojcik michael.wojcik () merant com MERANT Department of English, Miami University
Current thread:
- Re: I love you Author evidence ?, (continued)
- Re: I love you Author evidence ? Jordan Dimov (May 07)
- Re: I love you Author evidence ? Thierry (Apr 07)
- Re: I love you Author evidence ? Elaine -HFB- Ashton (May 07)
- Re: I love you Author evidence ? Roelof Temmingh (May 07)
- Re: I love you Author evidence ? Martin Ixter (May 07)
- Re: I love you Author evidence ? Blue Boar (May 07)
- Re: I love you Author evidence ? Drexx Laggui (May 07)
- Re: I love you Author evidence ? Bobcat Felidae (May 09)
- Re: I love you Author evidence ? Sen_Ml Sen_Ml (May 09)
- Re: I love you Author evidence ? Thierry (Apr 07)
- Re: I love you Author evidence ? Erik Debill (May 07)
- Re: I love you Author evidence ? Jordan Dimov (May 07)
- password-protected zip files (was RE: Administrivia #8704) Michael Wojcik (May 07)
- Re: I love you Author evidence ? Christofer C. Bell (May 07)
- Re: I love you Author evidence ? Trevor Schroeder (May 07)
- Re: I love you Author evidence ? Lynn Baier (May 07)
- Windows NT 4.0 and Sendmail 3.0.1 for NT Brian DuRoss (May 08)
- Re: I love you Author evidence ? White Vampire (May 08)
- If virii are so dangerous, why is the internet still runing? Christopher Dinsmore (May 07)
- Re: I love you Author evidence ? Blue Boar (May 07)