A script within the body of an email CAN access the FileSystemObject if the
Scripting host is available. I will send a sample separately. Most of the
code in my sample is directly lifted from the Microsoft Scripting samples
on their website.
Shelagh
At 10:34 AM 5/31/00 -0400, you wrote:
>! -----Original Message-----
>! From: VULN-DEV (kiss the sun and walk on air)
>! Sent: Wednesday, May 31, 2000 7:35 AM
>!
>! My guess was the "Scripting" object, or SCRRUN.DLL. Thats
>! the DLL that
>! contains the FileSystemObject classes and its subordinates that the
>! recent rash of VBS scripts have been using to access the disk.
>! -pete
>
>I would be very very VERY surprised if a script within the HTML of an
>eMail would be able to access the FileSystemObject. Saying this means
>every eMail/website is able to read/write/delete all of your files at
>will. I think you are confusing the ILY kind of viruses where the users
>actually double-click a .vbs file, giving it their permission to run in
>the Computer context and not in an internet context.
>
>I also really doublt its a screen saver :) Unless they made an
>ActiveX/COM interface on screensavers while i was looking the other way?
>
>The best guess would be to assume he used one of the old objects
>overflows and that his post was nothing but an empty brag without
>substance or new technical material of interest. As Thierry pointed out,
>this might be the BadBlood thing or the BubbleBoy virus too.
>
>If this is something new I'm still very interested in knowing what is
>that SCR object he used.
>
>
>M.
Shelagh Pepper (519) 884-0710 x3939
Multimedia Coordinator (519) 884-1970 x3939
Computing and Communication Services (519) 884-1279 FAX
Wilfrid Laurier University spepper_at_wlu.ca
Waterloo, Ontario, N2L 3C5 webmaster_at_wlu.ca
Received on Jun 01 2000
Intro
