Vulnerability Development mailing list archives
Outlook/HTML "proggie"
From: methodman () GO RO (methodman)
Date: Sat, 29 Jan 2000 14:38:00 +0200
Hello ! I would have posted this a few days ago, but I didn't have the time... I guess it's ok to send this even though the thread is over (?). About a week ago I have created a .html trojan/worm thingie that infects you if you read the email from Outlook, you don't have to run any attachments and no popups pop-up :) What it does: using the SCR object, it creates a trojan.hta in your c:\windows\start menu\startup which contains some JavaScript commands that copy it (using the WSH object) to c:\windows\system and add it to the registry (HKEY_LOCAL_MACHINE\......\Run), after you restart your computer. Think of what it could do... what if it wouldn't create a .hta and it would create a .bat containing the hex dump of sometrojan.exe ? Anyway... I don't intend to release it and NO, I won't give you the source code unless you pay me :) Regards, [ methodman ]
Current thread:
- netscape 4.61 recognizes file.changed-doc/xls Chad Thunberg (May 23)
- ActiveX, VBScript etc... reactivation Andrew Leong (May 25)
- Re: netscape 4.61 recognizes file.changed-doc/xls Dimitry Andric (May 25)
- Re: netscape 4.61 recognizes file.changed-doc/xls Gareth Jones (May 28)
- <Possible follow-ups>
- Re: netscape 4.61 recognizes file.changed-doc/xls Joseph, Lorne (May 25)
- Re: netscape 4.61 recognizes file.changed-doc/xls Nathan Einwechter (May 28)
- Outlook/HTML "proggie" methodman (Jan 29)
- Re: Outlook/HTML "proggie" Thierry Zoller (Mar 22)
- Re: Outlook/HTML "proggie" Knud Erik Højgaard (Apr 30)
- Re: Outlook/HTML "proggie" Blue Boar (May 31)
- Re: netscape 4.61 recognizes file.changed-doc/xls Su Wadlow (May 28)
- Security code verification for JAVA Martin M Samson (May 29)
- Re: Security code verification for JAVA Bluefish (May 29)
- Outlook/HTML "proggie" methodman (Jan 29)
- Re: netscape 4.61 recognizes file.changed-doc/xls John Brahy (May 29)
- Re: netscape 4.61 recognizes file.changed-doc/xls Su Wadlow (May 29)