subject: (Fwd) [Full-Disclosure] Microsoft hides certain types of files posted: Thu, 08 Jul 2004 15:23:09 +0100
------- Forwarded message follows -------
From: Good One <[email protected]>
To: [email protected]
Subject: [Full-Disclosure] Microsoft hides certain types of files from your eyes + some filename parsing bug
Date sent: Thu, 8 Jul 2004 00:37:24 +0100 (BST)
Microsoft HIDES certain types of files from your eyes:
This one is old unpatched "behaviour" ...
If you will create in windows explorer file :
test.txt
with content :
It will be executed if you will add CLSID to it's name and user double clicks it :
test.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}
Note:
CLSID will remain hidden (explorer will not show it up in any means)
File name for user will remain : test.txt
This adds numerous possibilities for viruses to fool end user into safe content.
another filename parsing bug (system even cannot access it) :
By some technics windows still allows to write file on harddisk with funny name like :
test [good one :] .avi
End user will expierence certain difficulties to remove it afterwards from system.
It's name will change to "test [good one", it will have no extension, will show up 0 bytes etc, etc...
Of course .url and .lnk are hidden as well, being "shortcuts" in m$ way. The contents of those files are up to you ... :-)
For example : file "test.url" with this content will open your browser with alert.
[DEFAULT]
BASEURL=javascript:alert('hello mama !')
[InternetShortcut]
URL=javascript:alert('hello mama !')
Modified=00027F010505010100
m$ is good for gaming, not for serious work..
- SomeMan.
---------------------------------
ALL-NEW Yahoo! Messenger - sooooo many all-new ways to express yourself
------- End of forwarded message -------
---
* Origin: [adminz] tech, security, support (192.168.0.2)
generated by msg2page 0.06 on Jul 21, 2006 at 19:04:12
search: