[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] DLL hijacking with Autorun on a USB drive
- To: "paul.szabo@xxxxxxxxxxxxx" <paul.szabo@xxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] DLL hijacking with Autorun on a USB drive
- From: Dan Kaminsky <dan@xxxxxxxxxxx>
- Date: Thu, 26 Aug 2010 21:41:51 -0700
On Aug 26, 2010, at 9:30 PM, paul.szabo@xxxxxxxxxxxxx wrote:
> Dan Kaminsky <dan@xxxxxxxxxxx> wrote:
>
>>>> Instead of it executing "wab.exe (Windows Address Book) and open
>>>> the
>>>> file test.vcf", one can directly get any .exe file open.
>>>
>>> Users have shown themselves very willing to open up test.vcf.exe.
>>
>> Or for that matter, test, which is actually an exe with the icon of a
>> vcf. Thus the problem with all this chortling about foolish
>> applications: the desktop simply does not possess the security model
>> of the browser or the email client.
>
> Badly setup desktops: do not "hide extensions", maybe view details (or
> list) not icons.
All that matters is defaults, and icons are way more powerful signals
than a couple of letters at the end of "2010 Market
Projections.ppt.exe' anyway.
The web browser and the email client are not designed to launch
arbitrary code. The desktop, with the slight caveat of Standard User
vs. Administrator, simply is.
> Cheers, Paul
>
> Paul Szabo psz@xxxxxxxxxxxxxxxxx http://www.maths.usyd.edu.au/u/psz/
> School of Mathematics and Statistics University of Sydney
> Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/