RarLab answer: http://www.rarlab.com/vuln_sfx_html.htm
I don't think the work is useless... You probably learnt a lot writing this guide and PoC code, but in fact an EXE can be manipulated in many ways to run smaller pieces of code. There is no need to find a bug to do that. ;) Att, Fernando Mercês mentebinaria.com.br <http://www.mentebinaria.com.br> --------------------------- On Wed, Oct 7, 2015 at 3:16 PM, Shawn McMahon <[email protected]> wrote: > On Mon, Oct 5, 2015 at 8:16 AM, Stefan Kanthak <[email protected]> > wrote: > > > > > That's why giving unsuspecting users *.EXE to install a software package > > or to unpack an archive and thus training them to run almost anything > > they get their hands on is a BLOODY STUPID idea in the first place. > > > > ALWAYS use the platforms native package or archive formats to distribute > > your software or files! > > > > Perhaps it's my ignorance talking, but I just don't see how: > > "Run this EXE that might contain bad stuff" is worse than: > > "Install this .msi as Admin that might contain bad stuff" or "install this > RPM as root that might contain bad stuff" or "install this .pkg as root > that might contain bad stuff." > > The vulnerability is installing things when you don't know what they are or > where they came from, not the particular form in which they're packaged. If > it's got a GUI, clicking on its packages is going to prompt you to escalate > privileges and install them. > > If I'm missing something, drop some knowledge on me and I'll install it. > Even if it's not signed. :) > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
