[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Email

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Email
From: Nick FitzGerald <nick@virus-l.demon.co.uk>
Date: Thu, 05 Feb 2004 16:45:51 +1300

D B <geggam692000@yahoo.com> wrote:

> ok ... the click click social engineering vulnerable
> operating system everone seems to target... isnt it
> file extension based ? .... very explotable ...but
> also quite simple to change the extension 

Well, depending on the file's "real type" and the mechanism used to try 
to "open" it, not everything under Windows is extension based.  Try 
renaming any OLE2 format "compound document" type to an extension that 
is not registered then double-click it and see what happens.  There are 
also even ways to get "mis-extensioned" PEs to load and execute under 
some falvours of Windows.

> why isnt a "defanger" standard on all mail gateways ?

Perhaps because it will not be completely successful...

> guess im just not exposed to stupid on a corporate
> scale

8-)

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Email
  - From: Ake Nordin <rootmoose@telia.com>
- Re: [Full-Disclosure] Email
  - From: D B <geggam692000@yahoo.com>

Prev by Date: Re: [Full-Disclosure] Oldest Hack Sept. 1970 Just for Fun
Next by Date: Re: [Full-Disclosure] Interesting side effect of the new IE patch
Previous by thread: Re: [Full-Disclosure] Email
Next by thread: Re: [Full-Disclosure] Email
Index(es):
- Date
- Thread