|
Vulnerability Development
mailing list archives
Re: .com
From: "Nexus" <nexus () patrol i-way co uk>
Date: Tue, 2 Oct 2001 17:30:20 +0100
Possibly if the level of stupidity were high enough that attachments are
blindly clicked on ;-)
Explorer will still use the icon for an com file which may be noticed, the
MZ tag in the exe will still flag is as an executable for anything what is
watching (AV/Content Filtering/Sandboxing) since they are usually(;-) smart
enough to look at the file header, not the extension. I know that a true
old-fashioned .COM file has no such header as the ORG is set at 0x100, hence
no real loader as it doesn't have to adjust the segements, but chances of
getting that to run on a Win32 system ?
By clients I am assuming that you mean email clients and the like, or do you
mean people ?
Your attachment has zero length and so does nothing, not quite sure what you
are saying....
Could you explain a bit more ?
Cheers.
----- Original Message -----
From: "Pauli Ojanperä" <pasaojan () cc jyu fi>
To: <vuln-dev () securityfocus com>
Sent: Tuesday, October 02, 2001 8:10 AM
Subject: .com
dunno if this has already occurred in people's mind but
as there is the nice similarity between the ancient .com
executable file extension and the tld .com ignorant
clients could be fooled by sending executables that
are named after popular .com www-sites. clear enough?-)
 By Date 
By Thread
Current thread:
- .com Pauli Ojanperä (Oct 02)
- Re: .com Nexus (Oct 02)
- Re: .com dullien (Oct 02)
- Re: .com Enrique A. Sanchez Montellano (Oct 03)
|
Intro
