> -----Original Message-----
> From: http-equiv (at) excite (dot) com [email concealed] [mailto:http-equiv (at) malware (dot) com [email concealed]]
> Sent: Wednesday, February 26, 2003 4:45 AM
> To: bugtraq (at) securityfocus (dot) com [email concealed]
> Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
> Tuesday, February 25, 2003
>
> We are delighted to learn that the original self-executing html file,
> from June 1 2002 is now fixed with the most current of the many
> patches for the Internet Explorer series of browsers. See:
>
> http://online.securityfocus.com/archive/1/275126
>
> Regrettably.
>
> The following file is an html file comprising both scripting and an
> executable [*.exe].
>
> We inject scripting and an executable into the html file which is
> designed to point back to the executable in the html file and execute
> it. Provided the html file is an html file, Internet Explorer 5.5 and
> 6.0 will execute it.
>
> Because it is an html file proper, Internet Explorer opens it. The
> scripting inside is then parsed and fired. That scripting is pointing
> back to the same executable file with our original codebase object
> from the year 2000 and because it is a self-executing html file, it
> executes !
>
> Tested IE5.5 and IE6. Fully self-contained harmless *.exe:
>
> http://www.malware.com/html.exe.zip
>
> Be aware of html files out there.
>
> Key Words: Trust it's Worthy so Think it's Tank silly obvious
>
> --
> http://www.malware.com
Sorry One Liner,
Dike
> -----Original Message-----
> From: http-equiv (at) excite (dot) com [email concealed] [mailto:http-equiv (at) malware (dot) com [email concealed]]
> Sent: Wednesday, February 26, 2003 4:45 AM
> To: bugtraq (at) securityfocus (dot) com [email concealed]
> Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
> Tuesday, February 25, 2003
>
> We are delighted to learn that the original self-executing html file,
> from June 1 2002 is now fixed with the most current of the many
> patches for the Internet Explorer series of browsers. See:
>
> http://online.securityfocus.com/archive/1/275126
>
> Regrettably.
>
> The following file is an html file comprising both scripting and an
> executable [*.exe].
>
> We inject scripting and an executable into the html file which is
> designed to point back to the executable in the html file and execute
> it. Provided the html file is an html file, Internet Explorer 5.5 and
> 6.0 will execute it.
>
> Because it is an html file proper, Internet Explorer opens it. The
> scripting inside is then parsed and fired. That scripting is pointing
> back to the same executable file with our original codebase object
> from the year 2000 and because it is a self-executing html file, it
> executes !
>
> Tested IE5.5 and IE6. Fully self-contained harmless *.exe:
>
> http://www.malware.com/html.exe.zip
>
> Be aware of html files out there.
>
> Key Words: Trust it's Worthy so Think it's Tank silly obvious
>
> --
> http://www.malware.com
[ reply ]