On my system, W2K Pro with IE6 and all patches, active scripting left enabled, when I go to http://security.greymagic.com/adv/gm001-ie/simplebind.html my Norton AV (2002) pops up saying it detects a case of XMLid.Exploit, sticks it in the quarantine, but it still allows the script to open the calculator. Of course this doesn't work on my other system where the default install locations were NOT used.
Regards, Amer Karim Nautilis Information Systems Pager: 604-645-7729 e-mail: [EMAIL PROTECTED] -----Original Message----- From: Sprissler, Noah [mailto:[EMAIL PROTECTED]] Sent: March 12, 2002 10:31 To: [EMAIL PROTECTED] Subject: RE: scary site That's interesting. I have disabled active scripting as most have suggested and the http://www.liquidwd.freeserve.co.uk/ link stops bringing up a DOS prompt. However, if I goto this link from Greymagic http://security.greymagic.com/adv/gm001-ie/simplebind.html their implementation of this works fine no matter what settings I disable. Win2k with all patches, IE6 with all patches. -Noah -----Original Message----- From: Kulla [mailto:[EMAIL PROTECTED]] Sent: Monday, March 11, 2002 2:07 PM To: Roy Pait; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: scary site It seems that just affect xp I use w2k and nothing happened. Regards Kulla ----- Original Message ----- From: "Roy Pait" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, March 08, 2002 7:51 PM Subject: Re: scary site > Yes, but check out this variant - save your work first. They replaced cmd.exe with logoff.exe! > > http://www.fuck.org/~max/xp_rules.jpg > > >>> "Kulla" <[EMAIL PROTECTED]> 03/07/02 12:53PM >>> > it is ismple java script that loads cmd.exe > > <SCRIPT language=JScript> > > var programName=new Array( > 'c:/windows/system32/cmd.exe', > 'c:/winnt/system32/cmd.exe', > 'c:/cmd.exe' > ); > > >
