[3719] in WWW Security List Archive
Re: Re : Any internet virus
daemon@ATHENA.MIT.EDU (Andrew Cameron)
Thu Dec 5 17:10:59 1996
Date: Thu, 5 Dec 1996 21:29:21 +0200 (GMT+0200)
From: Andrew Cameron <andrew@andy.alt.za>
To: Ong Joon Kian <ongjk@tm.net.my>
cc: Internet Engineering Task Force <www-security@ns2.rutgers.edu>
In-Reply-To: <199612041923.DAA01170@gandalf.asiapac.net>
Errors-To: owner-www-security@ns2.rutgers.edu
On Thu, 5 Dec 1996, Ong Joon Kian wrote:
> Greetings,
>
> I don't know about you, but it seems to me that a virus that spreads
> through ASCII is certainly nothing to worry about. Computer aren't
> designed to execute ASCII files. It needs to be converted to binary
> first. Or am I wrong?
On Good old DOS it was possible to cause damage if ansi.sys was installed.
The trick was to use ansi escape codes to re-program the keys on the PC.
Think what happens when the following is programmed into the Enter key
set foreground color to black
format c:
y
This wipes the hard drive and the poor user will not even see it.
It was a long time ago but I have seen an Ascii virus in action based on
the above.
-----------------------------------------------------------------------------
Andrew Cameron
Internet : andrew@andy.alt.za
X.400 : C=ZA G=Andrew S=Cameron Admd=TELKOM400
----------------------------------------------------------------------------
