Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: UPDATE on possible new "e-mail virus" concept ?

From: jim () JTAN COM (Jim Paris)
Date: Fri, 19 May 2000 22:14:12 -0400


- If changing directories is not possible, could it be possible to send
someone an e-mail with a image source : http://www.server.com/virus.com
(with that virus.com being a com file that starts with BM) and enclose a
.url file as an attachement that points to file:///c:/temp-inet-files/virus.com
(Using a link in the HTML code will not work as it will ask prompt you for
a download dir)


This is nothing new.

It's been done before.  And exploited before.  And Microsoft fixed the
hole.  Cache directories for IE are now randomly named.  That's why a
"dir /ad c:\windows\tempor~1\content.ie5" on my system returns:

 Volume in drive C is JIM
 Volume Serial Number is 133A-1F67
 Directory of C:\WINDOWS\Temporary Internet Files\Content.IE5

.              <DIR>        08-20-99 10:15a .
..             <DIR>        08-20-99 10:15a ..
2E1HORCP       <DIR>        05-04-00  4:06a 2E1HORCP
6DBN5IXF       <DIR>        05-04-00  4:06a 6DBN5IXF
6ZWDGF4H       <DIR>        05-04-00  4:07a 6ZWDGF4H
8DEBSDIR       <DIR>        05-04-00  4:06a 8DEBSDIR
CPEV0L2M       <DIR>        05-04-00  4:06a CPEV0L2M
GP8HBR4O       <DIR>        05-04-00  4:06a GP8HBR4O
HG3TWMMW       <DIR>        05-04-00  4:06a HG3TWMMW
I60CP4EH       <DIR>        05-04-00  4:06a I60CP4EH
K1KE6LVN       <DIR>        05-04-00  4:06a K1KE6LVN
RC1EW5ID       <DIR>        05-04-00  4:06a RC1EW5ID
S79O3RUD       <DIR>        05-04-00  4:06a S79O3RUD
XK8291QN       <DIR>        05-04-00  4:06a XK8291QN
         0 file(s)              0 bytes
        14 dir(s)        1,528.41 MB free

-jim
Previous By Date Next
Previous By Thread Next

Current thread: