Stop Microsoft

All Things Microsoft => Microsoft Software => Topic started by: Refalm on 22 April 2003, 23:35

Title: If you really want to fuck IE users...
Post by: Refalm on 22 April 2003, 23:35
Put this code in your website:

Code: [Select]

And a user using IE and MS Agent 5 (standard on in Windows XP) gets a free cupholder  :D
Title: If you really want to fuck IE users...
Post by: X123 on 23 April 2003, 00:40
WOW. Someone should set up a website offering free porno and put that script in the page.
Title: If you really want to fuck IE users...
Post by: rtgwbmsr on 23 April 2003, 02:04
That is brilliant! I think I'll put that on my 404 page...

"YOU typed in the wrong URL. So I'M going to open your CD-rom drives!"

[ April 22, 2003: Message edited by: The Muffin Man ]

Title: If you really want to fuck IE users...
Post by: Pantso on 23 April 2003, 02:06
WOW! Great script!   :D   Where did you get that from Refalm?
Title: If you really want to fuck IE users...
Post by: Refalm on 23 April 2003, 02:52
quote:
Panos: Where did you get that from Refalm?


A friend made it... I was stunned when I saw it work   (http://smile.gif)  this tells much about how "secure" Internet Explorer is  (http://tongue.gif)

[EDIT]I tried it at home. It opens both my CD-ROM player and burner. Too bad it doesn't work in Mosaic, Mozilla or Opera  :rolleyes: [/EDIT]

[ April 22, 2003: Message edited by: Refalm ]

Title: If you really want to fuck IE users...
Post by: Pantso on 23 April 2003, 03:29
WOW! I tried it in Win2k and it works!   :D   Man, this is a great script! I'll make a test page just to show people how insecure IE is.   (http://tongue.gif)
Title: If you really want to fuck IE users...
Post by: ShawnD1 on 23 April 2003, 08:27
i put that in my signature at numerous forums  :D
Title: If you really want to fuck IE users...
Post by: X123 on 23 April 2003, 12:30
quote:
Originally posted by ShawnD1:
i put that in my signature at numerous forums   :D  


I thought you could only use BB code in sigs.
Title: If you really want to fuck IE users...
Post by: SAJChurchey on 23 April 2003, 20:18
Only w/ VBScript.  JavaScript doesn't allow u to do that.  Why?  B/c client-side scripting languages are suppose to be secure and not allow remote access to the client's system.  But VBScript is M$ technology so why am i not surprised.
Title: If you really want to fuck IE users...
Post by: Calum on 23 April 2003, 22:02
so where's the code to get it to wipe your windows system files and shut down and so on? CDROM opening is for wusses!  :D   :D   :D
but this does show a really serious vulnerable side of internet exploder. also, if enough people get on the campaign to include this code all over the place, we might induce a mass switch to linux purely from people fed up with closing their CD drawers!
Title: If you really want to fuck IE users...
Post by: Faust on 24 April 2003, 13:45
actually there *was* code that you could embed in a web page to delete your choice of files or folders on xp.  microsoft took two months to fix it.  the reason was "well service pack one is coming out soon. we don't want to release a patch when we can just fix it with service pack one."
i think you can read about it at grc.com but yeah any windows comouter that hasnt got service pack one or any of the hotfixes after that is vulnerable to having bits deleted.  nice script though (vb is *not* what i would call better than a scripting language... i mean perl kicks its arse.)  I must add this to my debian servers index page 8-).
Title: If you really want to fuck IE users...
Post by: Calum on 24 April 2003, 14:09
i wouldn't mind knowing that exploit for pre-service pack one, maybe i will have to google it...
Title: If you really want to fuck IE users...
Post by: mushrooomprince on 27 April 2003, 05:04
Ok i tried running that script in IE 5.1 for os ten how come it didn't work ?
Title: If you really want to fuck IE users...
Post by: TheQuirk on 27 April 2003, 05:14
Feel free to send people here if you want to show it off: http://thequirk123.haxorz.org/. (http://thequirk123.haxorz.org/.)

I assume the URL will be perfect to lure script kiddies.  :rolleyes:  It also has the thingie that crashes win9x.
Title: If you really want to fuck IE users...
Post by: edisav on 27 April 2003, 05:52
TheQuirk:
I tried your test on my fuckdows machine and it didn't work, unless you're setting up some sort of trap.
Doublecheck that link!
Title: If you really want to fuck IE users...
Post by: X123 on 27 April 2003, 21:19
quote:
Originally posted by TheQuirk:
Feel free to send people here if you want to show it off: http://thequirk123.haxorz.org/. (http://thequirk123.haxorz.org/.)

I assume the URL will be perfect to lure script kiddies.   :rolleyes:   It also has the thingie that crashes win9x.



It feels really good when you open that in mozilla.
Title: If you really want to fuck IE users...
Post by: Refalm on 27 April 2003, 22:28
quote:
TheQuirk: I assume the URL will be perfect to lure script kiddies.  :rolleyes:  It also has the thingie that crashes win9x.


Look into the source code of thequirk123.haxorz.org. It says "file:///c|/con/con", but instead it should be "C:\CON\CON\" (without the quotes).
Title: If you really want to fuck IE users...
Post by: theangelofdeath69 on 28 April 2003, 14:10
Actually, you can't reference things like that.  You have to use file:// links.

And hell, you know that pre XPSP1 problem?  Any illegal or slightly fuggered copies of XP will be vulnerable. Why?  Because SP1 checks your CD Key before installing.

If it doesn't like it... no security fixes for you!!!

Oh, and you need Windows Media Player 7 to open the cdroms.  That's why you can't do it on95 or XP, or OS X.

[ April 28, 2003: Message edited by: The Angel Of Death BETA 2.0 ]

Title: If you really want to fuck IE users...
Post by: Refalm on 29 April 2003, 01:21
quote:
The Angel Of Death: Actually, you can't reference things like that.  You have to use file:// links.


Incorrect, you actually can!

[ April 29, 2003: Message edited by: Refalm ]

Title: If you really want to fuck IE users...
Post by: jpmarat on 7 May 2003, 06:44
quote:
 It feels really good when you open that in mozilla.


DAMN RIGHT IT DOES!!!!!  :)