Bryan Phinney said: > On Thursday 04 September 2003 12:17 pm, [EMAIL PROTECTED] wrote: >> Hehe - no I'm not planning to write a virus; I believe M$ has cornered >> the >> market there. With all the talk this morning about the 'thankyou.pif' >> file that circulated, I was curious what the file held. I tried to look >> at the file in vi but saw only gibberish (compiled code?) I tried a >> google search to see how to open this type of file and found that M$ >> uses >> a 'pifeditor' (it seems to come with the 'M$ VirusWriter 7.0' suite of >> tools - to be included in every version of .Net). I didn't find any >> useful info for editing under linux though; any thoughts here? I don't >> have a windows box to play with it on - or maybe I could take it to work >> and open it... hmmm... > > For the record, I do not think that the virus itself is written as a .pif > file. It is using that extension only because that is one of MS's > executable > extensions which means that when you open the message and click on the > attachment, it automatically executes. It could call itself .exe or .bat > just a easily. I am guessing that the author chose .pif only because > inexperienced users are less likely to realize that it is executable. > Just > because the filename ends in .pif does not necessarily mean that the file > IS > a .pif. > > Not sure what language it was written in, but it is definitely compiled > code > so you would need to decompile it or look at it with a hex editor to try > to > figure out what the original language was. > -- > Bryan Phinney > Software Test Engineer
Well, I was under the impression that windows decided how to handle a program based on the extension; i.e., if you call a .jpg a .blah, even though it has photoshop installed on the machine, it will choke and say it doesn't know how to open a .blah file. Maybe if you renamed the .jpg to .tif though, you could get the photoshop program to open and then it would take over and decide to display the image correctly? In my short research on google, I read that a pif was similar to a bat file; can a bat file contain compiled code also? Thanks! Mike -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrake.com ============================================================<
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
