Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Outlook/HTML "proggie"

From: methodman () GO RO (methodman)
Date: Sat, 29 Jan 2000 14:38:00 +0200

Hello !

I would have posted this a few days ago, but I didn't have the time... I guess it's ok to send this even though the 
thread is over (?). 

About a week ago I have created a .html trojan/worm thingie that infects you if you read the email from Outlook, you 
don't have to run any attachments and no popups pop-up :) 

What it does: using the SCR object, it creates a trojan.hta in your c:\windows\start menu\startup which contains some 
JavaScript commands that copy it (using the WSH object) to c:\windows\system and add it to the registry 
(HKEY_LOCAL_MACHINE\......\Run), after you restart your computer. Think of what it could do... what if it wouldn't 
create a .hta and it would create a .bat containing the hex dump of sometrojan.exe ?

Anyway... I don't intend to release it and NO, I won't give you the source code unless you pay me :)

Regards,
[ methodman ]
Previous By Date Next
Previous By Thread Next

Current thread: