-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
here is the code that does it:
(seems like a simple con to me, to make you think that your drive is
visible to the world).
(edited to get through).
script language="javascript"
if (navigator.appName=="Netscape" &&
navigator.appVersion.split(".")[0]==4)
{
document.write("");
}
else
{
document.write("Your hard drive is on the Internet. Everyone can see.
What are all those PICTURES?");
document.write("<p align='left'><iframe src='file:///C:/' height=300
width=500 marginwidth=0 marginheight=0 scrolling=no frameborder=0
vspace=2></iframe></p>");
document.write("<h2 align=left><b><a href='/main.shtml'<font
color=#0000ff>Click Here Now For Urgent Help To Stop This
Investigation</font></a></b></h2>");
}
/script
Thanks,
John Ellingsworth
Virtual Curriculum
Project Leader
AIM: jellings28
- ----- Original Message -----
From: "LS" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, February 27, 2002 6:46 PM
Subject: www.security7.ch.vu
> Hi all,
>
> I was sent the following address:
>
> http://www.security7.ch.vu/
>
> When entering, it claims that you are exposed and tracked and a lot
> of information is stored on your computer (doh..altho i dont keep
> names on it etc..). What caught my attention is that the show you
> the contents of your root directory (c:\ for a windows machine...).
> What's alarming is that I don't see how this thing could've been
> done. I dont allow any shares, I dont allow any services, and
> unless it is an IE exploit of some sort, there is no other way to
> explain it. My firewall (TPF) handles all the microsoft network
> issues and only internal LAN can even see my nbt name etc... this
> is weird.
> Anybody know how this is done ?
>
> Regards,
> Eli
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBPH/XowbexkNIm1OFEQLhOQCfewqwj0JKAhXhosLjkmNBzFMEFvEAnjMX
TmNFNlI5VfGP7julfk1pZSff
=NPp/
-----END PGP SIGNATURE-----
