At 08:07 AM 11/12/00 -0800, you wrote:
>I noticed that it ran again on my computer when I read Ewan's quoted message
>of Jay's original message (when it originally ran as well). It didn't tie up
>my computer or cause any problems but was a bit odd to receive and see
>implemented.
>
>I clicked on the "Home" link but saw nothing associated with this
>"GetObject" thing and who might utilize such a reading of a "victim's"
>computer. The website the link leads to also acts quite goofy
>(inefficiently) when accessing it with the Opera v4.02 browser.
>
>Bill
I agree, the website has some problems and is not finished. And I filtered
my own post's replies, because process mail captures everything with test
in the subject and puts it in a special folder. Sorry for the late reply.
The script does nothing really, it only reads and displays the autoexec.bat
file, if you have one. And only if you view with ie/outlook AND have wsh
enabled.
It is just what it says, a TEST to see if your computer is vulnerable to
this exploit. If you have all the above and you saw an alert box
containing your autoexec.bat file then you may need to disable wsh and java
until you fix the problem.
As for causing any problem, it causes no more problems than reading a text
file with notepad!
Since it is possible to read a file, someone may be able to modify the
script (look at the source code of the html message), to actually create a
file or delete files. The test shows how easily someone could read the files
on your hard drive without you knowing what's going on...
I included the script ENCLOSED in comment inside the body of this message
so you can see that it actually does nothing but read the file
(GetObject) and display an alert box. You may have to view source of
message to see it.
<!--
<SCRIPT>
alert("Proceed with test?");
a=GetObject("c:\\autoexec.bat","htmlfile");
setTimeout("alert(a.body.innerText);",2000);
</SCRIPT> -->
I am sending this message in plain text, but your mail program may display
it differently. There is no way reading a text file should cause any
problems, unless you have memory problems with your system or some other
device conflict. Anyway, it's nothing to do with the getobject script.
The reason I put ignore warnings in the subject is because some mail
programs or virus scanners may or may not display a warning when you run
scripts (any script -- good or bad).
Solution: disable java script, and WSH (Windows Scripting Host) or be very
very careful when using ie or outlook. Better idea? Use Netscape or Opera
along with a plain text mail program or Eudora.
Eudora or the list server at topica seems to have removed the script from
the message I received.
To test your system go here using ie (does not work with Netscape)...
http://pcnn.virtualave.net/ietest.html
Jay
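
As an added example (not part of Jay's message or of the linked test page): a mail-filter style check in Python that parses a message's text parts and reports GetObject calls found in script blocks, keeping live scripts apart from ones wrapped in an HTML comment as in the message above. The names ScriptFinder, scan_message and SAMPLE are hypothetical, and the sample message is constructed.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# GetObject("<target>", ...): capture the first argument (assumed quoted literal).
GETOBJECT = re.compile(r'GetObject\s*\(\s*(["\'])(.*?)\1', re.I)

class ScriptFinder(HTMLParser):
    """Records GetObject targets in live scripts and in commented-out ones."""
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.findings = []  # list of (state, target)

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self._scan(data, "live")

    def handle_comment(self, data):
        # Does not execute while commented out; reported under its own state.
        if re.search(r"<\s*script", data, re.I):
            self._scan(data, "commented")

    def _scan(self, text, state):
        self.findings += [(state, m.group(2)) for m in GETOBJECT.finditer(text)]

def scan_message(raw):
    """Return (state, target) for each GetObject call in a mail's text parts."""
    findings = []
    for part in message_from_string(raw).walk():
        if part.get_content_maintype() == "text":
            charset = part.get_content_charset() or "latin-1"
            finder = ScriptFinder()
            finder.feed(part.get_payload(decode=True).decode(charset, "replace"))
            finder.close()
            findings += finder.findings
    return findings

# Constructed sample message: one live script, one wrapped in an HTML comment.
SAMPLE = r'''Content-Type: text/html; charset=us-ascii

<script>a=GetObject("c:\\autoexec.bat","htmlfile");</script>
<!-- <SCRIPT>a=GetObject("c:\\autoexec.bat","htmlfile");</SCRIPT> -->
'''
```

Calling `scan_message(SAMPLE)` returns one "live" and one "commented" finding, each with the local path the script asks for.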