Ancient news http://www.guninski.com/clsidext.html
--jelmer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Good One Sent: donderdag 8 juli 2004 1:37 To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Microsoft hides certain types of files from your eyes + some filename parsing bug Microsoft HIDES certain types of files from your eyes: � This one is old unpatched "behaviour" ... � If you will create in windows explorer file : � test.txt� with content : � <script> a=new ActiveXObject("WSCript.Shell"); a.run("CMD.EXE"); alert("Hello, I'm�Silly Billy�!"); </script> � It will be executed if you will add CLSID to it's name and user double clicks it : � test.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B} � Note: CLSID will remain hidden (explorer will not show it up in any means) File name for�user will remain : test.txt � This adds numerous possibilities for viruses to fool end user into safe content. � � another filename parsing bug (system even�cannot access it) : By some technics windows still allows to write file on harddisk with funny name like : � test [good one :] .avi � End user will expierence certain difficulties to remove it afterwards from system. � It's name will change to "test [good one", it will have no extension, will show up 0 bytes etc, etc... � � Of course .url and .lnk�are hidden as well, being "shortcuts" in m$ way. The contents of those files are up to you ... :-) � For example :�file "test.url" with this content will open your browser with alert. � [DEFAULT] BASEURL=javascript:alert('hello mama !') [InternetShortcut] URL=javascript:alert('hello mama !') Modified=00027F010505010100 � � m$ is good for gaming, not for serious work.. � � - SomeMan. � ALL-NEW Yahoo! Messenger - sooooo many all-new ways to express yourself _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
