View previous topic :: View next topic |
Author |
Message |
capi SF Senior Mod
Joined: 21 Sep 2003 Posts: 16777097 Location: Portugal
|
Posted: Wed Mar 24, 2004 3:32 am Post subject: |
|
|
Also, the file doesn't really need to exploit a bug to be dangerous or at least bothersome. For example, just by taking advantage of Java's power (or ActiveX), it could do some quite nasty things... Provided your browser supports those standards, doesn't make much difference which browser it is for something like that.
|
|
Back to top |
|
|
Anub!$ Just Arrived
Joined: 23 Sep 2003 Posts: 1 Location: Computer Chair
|
Posted: Wed Mar 24, 2004 12:32 pm Post subject: |
|
|
True, note the could part though.
My browser would not display that image, as it said it was corrupt.
I use firefox btw.
Someone here said that it downloads an exe file to you're temporary internet files folder, and then executes it, well as far as I know firefox does not allow exacutables to be written in to its temp directories.
However like you say, it can be saved to disk and then run, opening it with a text editor shows this:
Code: |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//PL">
<html>
<head>
<title>Fotki Marioli!</title>
<META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=iso-8859-2">
<META HTTP-EQUIV="Creation-date" CONTENT="2002-12-22T14:28:18Z">
<META HTTP-EQUIV="Content-Language" CONTENT="pl">
<META NAME="Keywords" CONTENT="Insert Keywords Here">
<META NAME="Description" CONTENT="Insert Description Here">
<script language="JavaScript" type="text/javascript">
// Zmienne identyfikujace przegladarke:
var nazwa = navigator.appName;
var ekran = (typeof(screen)=="object") ? screen.width : null;
var wersja = parseFloat(navigator.appVersion);
var msie = nazwa == "Microsoft Internet Explorer";
var nn = nazwa == "Netscape";
var inna = !(msie || nn);
if (msie) {
// Jesli to MSIE, to wersja zostala zle rozpoznana.
var ws = navigator.appVersion;
wersja = parseFloat(ws.substring((ws.indexOf("MSIE") + 5 ),ws.length));
}
function go(gdzie) {
window.location = gdzie
}
// Tu umiesc instrukcje przekierowania:
if (msie && wersja>=6) go('6.php')
else go('5.php')
//-->
</script>
<noscript>
</head>
<IMG SRC="ja.jpg">
<BODY BGCOLOR="#000000" LEFTMARGIN="0" TOPMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0">
</body>
</html> |
If its ok to post that
If its not then delete it and pm me about it or something.
|
|
Back to top |
|
|
capi SF Senior Mod
Joined: 21 Sep 2003 Posts: 16777097 Location: Portugal
|
Posted: Wed Mar 24, 2004 3:47 pm Post subject: |
|
|
I have already posted that since the beginning, look 1 or 2 pages back.
Yes, certain exploits do depend on the browser, I suppose it will be the ones that don't work on top of standards (like IE's annoying tendency to happily execute every file it gets, regardless of it's extention not matching). But as I said, some standards are dangerous in nature - if the browser supports them to full extent, then it will be vulnerable to misuse (unless it implements some sort of protective limitations, in which case you can't say it supports the standard to it's full extent).
Either case, you never know. Just because Mozilla isn't IE doesn't mean it doesn't have bugs, same thing goes for Linux - what saves the day is the fact that they are (for now) far less common, so 90% of the viruses are targeted at IE-specific features (or standards that IE supports, even though other browsers may limit those standards).
|
|
Back to top |
|
|
Zarnick Just Arrived
Joined: 27 Mar 2003 Posts: 1 Location: Brazil
|
Posted: Thu Mar 25, 2004 10:24 pm Post subject: |
|
|
I would say it is 99% for M$ plataforms and apps.
|
|
Back to top |
|
|
Anub!$ Just Arrived
Joined: 23 Sep 2003 Posts: 1 Location: Computer Chair
|
Posted: Thu Mar 25, 2004 10:40 pm Post subject: |
|
|
Quote: |
I have already posted that since the beginning, look 1 or 2 pages back. |
Oh yeah, so you did
Portal must have jumped me past it after the conversation got on to the second page
|
|
Back to top |
|
|
|