Vulnerability Development: RE: help:// protocol in Windows XP Prof

RE: help:// protocol in Windows XP Prof

From: Rocky Heckman <rocky.he_at_g-wizinnovations.com>
Date: Fri, 9 Jul 2004 09:03:54 +1000

This is pretty good, but keep in mind that it will no longer work on Windows
XP SP2 enabled machines. IE now actively prevents these sorts of things from
executing.

RH

-----Original Message-----
From: Calderon, Juan Carlos (GE Commercial Finance, NonGE)
[mailto:juan.calderon_at_ge.com]
Sent: Friday, 9 July 2004 3:25 AM
To: Jordan Cole (stilist); Bartosz Kwitkowski
Cc: vuln-dev_at_securityfocus.com
Subject: RE: help:// protocol in Windows XP Prof

<.a href="javascript:loadWin()" title="help://www.product.com/help"
onmouseover="window.status='help://www.product.com/help';return true"
onmouseout="window.status='';return true">

just my two cents

-----Original Message-----
From: Jordan Cole (stilist) [mailto:stilist_at_gmail.com]
Sent: Wednesday, July 07, 2004 8:13 PM
To: Bartosz Kwitkowski
Cc: vuln-dev_at_securityfocus.com
Subject: Re: help:// protocol in Windows XP Prof

If you could get it to work in a link, it would make for a good
exploit... "Click here to read the help file for this application."
Have that link to a malware-enabled website or something similar, and
you've got another unsuspecting user infected.

On the other hand, you could just create a link that /appears/ to be
pointing to a help:// url...

<.html>
<.head>
<.script language='javascript1.2'>
function loadWin(){
window.open('http://www.google.com/','Help for [product]','resizable=yes,width=500,height=400, top=10, left=10');
}
<./script>
<./head>
<.body>
<.a href="javascript:loadWin()"
title="help://www.product.com/help">Read the help file</a>
<./body>
<./html>

I tried to make the statusbar reflect the apparent help:// url, but
couldn't remember how (despite a quick google).

While it's unlikely most users would even notice the help:// part,
those who do would simply assume it's some weird thing like ftp://...
they don't know what it does, but it apparently works.

-- 
[stlst]
Received on Jul 09 2004
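
Added example, not part of the original thread or written by any of its posters: a small Python audit a defender could run over page markup to flag the pattern discussed above, anchors whose title, window.status text or visible label advertises a URL that the href does not go to. The names LinkAuditor, audit and origin, the reason labels and the sample markup are assumptions made for this illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit
URL_RE = re.compile(r"[a-z][a-z0-9+.-]*://[^\s'\"<>]+", re.I)
STATUS_RE = re.compile(r"window\.status\s*=\s*(['\"])(.+?)\1", re.I)

def origin(url):  # (scheme, host): the pair compared between advertised and real URLs
    parts = urlsplit(url.strip())
    return parts.scheme.lower(), (parts.hostname or "").lower()

class LinkAuditor(HTMLParser):
    """Flag anchors whose title, status text or label names a URL the href does not use."""
    def __init__(self):
        super().__init__()
        self.findings, self._a = [], None  # results; anchor currently open
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            at = {k: v or "" for k, v in attrs}
            status = [m.group(2) for m in STATUS_RE.finditer(at.get("onmouseover", ""))]
            self._a = {"href": at.get("href", ""), "status": status,
                       "claims": [at.get("title", "")] + status, "text": ""}
    def handle_data(self, data):
        if self._a is not None:
            self._a["text"] += data  # visible label may itself look like a URL
    def handle_endtag(self, tag):
        if tag != "a" or self._a is None:
            return
        a, self._a = self._a, None
        real, reasons = origin(a["href"]), []
        if real[0] == "javascript":
            reasons.append("script-href")
        if a["status"]:
            reasons.append("status-bar-override")
        shown = {origin(u) for c in a["claims"] + [a["text"]] for u in URL_RE.findall(c)}
        if any(s != real for s in shown):
            reasons.append("advertised-url-mismatch")
        if reasons:
            self.findings.append({"href": a["href"], "reasons": reasons})

def audit(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample: the thread's anchor with the archive's dots removed, plus a benign link.
SAMPLE = """<a href="javascript:loadWin()" title="help://www.product.com/help"
onmouseover="window.status='help://www.product.com/help';return true">Read the help file</a>
<a href="http://www.example.com/docs" title="http://www.example.com/docs">Docs</a>"""
```

Calling audit(SAMPLE) returns one finding, for the javascript: anchor; the benign link, whose title matches its href, is not reported.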