Welcome to the drawback of unmoderated "full-disclosure." -----Original Message----- From: Bipin Gautam [mailto:[EMAIL PROTECTED] Sent: Thursday, October 30, 2003 8:59 AM To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Shortcut...... may cause 100% cpu use!!!
--[Effected]-- The exploit has been tested in WINDOWS xp --[Description]-- Running a specially crafted "shortcut" that points to itself! IF executed through 'Windows Explorer' or IE may cauze 100% cpu use... THAT CAN LEAD TODoS in the victim. --[Simple! proof of concept]-- http://www.geocities.com/visitbipin/shortcut.zip [Note: You *may* have to RUN the 'shortcut' few* time's to have a effective 100% CPU use...] EXTRACT this file and copy it to c:\ [root] and double click IT... or open it through IE after copying it in c:\ PS: Anyone willing to craft* it for IIS (O; --[credit]-- Bipin Gautam (hUNT3R) _____________________________________________________________ Secure mail ---> http://www.blackcode.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
