Home page logo

fulldisclosure logo Full Disclosure mailing list archives

WIN XPSP2 - is this a possible way to hack?
From: "Gregh" <chows () ozemail com au>
Date: Wed, 13 Oct 2004 08:29:42 +1000

Just noticed this one by accident. 

I had downloaded, some days back, a file to install a program that I hadn't gotten around to setting up. The file was 
named "setup.exe" and sat on my desktop. I had been getting errors with another already installed program so decided to 
uninstall it and install it again to cure that. When I attempted to install the other program which I had named 
"this.exe", by simply double clicking on it, the program named "setup.exe" (which is an innocent program, BTW) started.
This doesn't happen on every occasion but it occurred to me if "setup.exe" was invisible on my desktop and deleted 
itself after it had been run and had been put there by someone wanting to install something else on my machine, that I 
could have just clicked "next" repeatedly and ended up installing the wrong program.

As most of you know, clicking "next" and installing without reading is about what most normal users do. 

Is this thing of "setup.exe" sometimes taking over a NORMAL thing from MS?

Note that I tried it with several other programs and it seems dependant on the way the individual program setup is 
configured as to whether the file "setup.exe" takes over where it shouldn't be or not.

Whatever, it seems a great way to install things on XPSP2 machines that shouldn't be there.


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]