Vulnerability Development mailing list archives

Re: .com

From: "Enrique A. Sanchez Montellano" <enrique.sanchez () defcom com>
Date: Wed, 03 Oct 2001 13:23:54 +0200

you can rename a .exe to anything catch is ... it has to be pipedtrought cmd.exe, but then ... forcedos is present aint it fun?

and yes in the paranoic mode of putting IIS guess what .. they alwaysforget to take out that one, so forcedos is there and you can just pipestuff in there =)


Enrique

dullien () gmx de wrote:

Hey Pauli,

somehow we're replicating our work ;)

PO> dunno if this has already occurred in people's mind but
PO> as there is the nice similarity between the ancient .com
PO> executable file extension and the tld .com ignorant
PO> clients could be fooled by sending executables that
PO> are named after popular .com www-sites. clear enough?-)

Yes, and most funnily: You don't need to actually have a .com file
in there - The operating system checks for the MZ/ZM signature,
and then hands the file over to the .EXE handler if present. Therefore
you can just rename any .EXE file .com and it will properly execute.

Cheers,
Thomas

Current thread:

.com Pauli Ojanperä (Oct 02)
- Re: .com Nexus (Oct 02)
- Re: .com dullien (Oct 02)
  - Re: .com Enrique A. Sanchez Montellano (Oct 03)