[20014] in bugtraq
One last word on invisible file extensions
daemon@ATHENA.MIT.EDU (Floydman)
Tue Apr 3 19:22:07 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20010403185418.95528.qmail@web11607.mail.yahoo.com>
Date: Tue, 3 Apr 2001 11:54:18 -0700
Reply-To: Floydman <floydian_99@YAHOO.COM>
From: Floydman <floydian_99@YAHOO.COM>
X-To: jfca@jfc3.com
To: BUGTRAQ@SECURITYFOCUS.COM
First of all, thank you to all who pointed out to me
about the registry key NeverShowExt, I didn't know
about it, and if I knew about it, I would have taken a
different approach. However, since I take enjoyment
in solving problems in unusual ways, I am not
disapointed of the efforts put in this work.
Also, as someone pointed out, I left out extensions
greater than 3 characters long, because the number of
extensions to check would have been too big.
I'd also like to thanks John F. Collins for his input,
as he worked also on this problem on his own. He
revised the list of extensions I supplied in my first
message, and he indicated which one are executable, as
well as those that are invisible (denoted by
NeverShowExt). The extensions where it's indicated
"Executable?" means that they haven't been tested as
executable, but it would be interesting in determining
if they really can execute code. I put the revised
list below this message for everyone's benefit.
Floydman
www.geocities.com/floydian_99
floydian_99@yahoo.com
.gz WinZip file
.ht HyperTerminal file
.it WinAmp media file
.js JScript file - Executable
.pl Perl file
.ps PS file
.PY Python file
.qt Video Clip
.tz WinZip file
.uu WinZip file
.VB VBScript File - Executable
.wm Windows Media Audio/Video File
.xm WinAmp media file
.z0 Z0 file (ZoneAlarm)
.z1 Z1 file (ZoneAlarm)
.323 H.323 Internet Telephony
.386 Virtual Device Driver
.669 WinAmp media file
.aca MS Agent Character file
.acf MS Agent Character file
.acg MS Agent Preview file
.acs MS Agent Character file
.ade MS Access Project Extension - Executable
.adn MS Access Blank Project Template
.adp MS Access Project - Executable
.aif Sound Clip
.ani Animated Cursor
.arc Winzip File
.arj Winzip File
.art ART image
.as Test file
.asa Active Server Document
.asf Streaming Audio/Video File
.asp Active Server Document
.asx Streaming Audio/Video shortcut - Executable
.avi Video clip
.awd Fax Viewer Document
.b64 WinZip file
.BAS Visual Basic Class Module - Executable
.bat MD-DOS Batch file - Executable
.bhx WinZip file
.bmp Bitmap Image
.c C source code
.cab WinZip file
.cat Security Catalog
.cda WinAmo media file
.cdf Channel File
.cdx Active Server Document
.cer Security Certificate
.chm Compiled HTML Help file - Executable
.cil Clip Gallery Download Package
.CMD Windows NT Command Script - Executable
.cnf SpeedDial (NeverShowExt) - Executable
.com MS-DOS Application - Executable
.cpl Control Panel extension - Executable
.crl Certificate Revocation List
.crt Security Certificate - Executable
.css Cascading Style Sheet Document
.csv MS Excel Comma Separated Values file
.cur Cursor
.dcx DCX Image Document
.der Security Certificate
.dic Text Document
.dif MS Excel Data Interchange Format
.dll Application Extension
.doc MS Word Document
.dot MS Word Template
.dqy MS Excel ODBC Query file
.drv Device Driver
.dsm WinAmp media file
.dsn MS OLE DB Provider for ODBC Drivers
.dun Dial-Up Networking Exported file
.eml Outlook Express Mail Message
.exc Text Document
.exe Application - Executable, by definition
.far WinAmp media file
.fav Outlook Bar Shortcuts
.fdf Adobe Acrobat Forms Document
.fnd Saved Search
.fon Font file
.gfi GFI File
.gfx GFX File
.gif GIF Image
.gim GIM File
.gix GIX File
.gna GNA File
.gnx GNX File
.gra MS Graph 2000 Chart
.grp MS Program Group
.gwx GWX File
.gwz GWZ File
.h C definition code
.hlp Help File - Executable
.hqx WinZip File
.hta HTML Application - Executable
.htm MS HTML Document 5.0
.htt HyperText Template
.htx Internet Database Connector HTML Template
.icc ICC Profile
.icm ICC Profile
.ics iCalendar File
.idf MIDI Instrument Definition
.iii Intel IPhone Compatible
.inf Setup information - Executable
.ini Configuration Settings
.ins Internet Communication Settings - Executable
.iqy MS Excel Web Query File
.isp Internet Communication Setting - Executable
.its Internet Document Set
.ivf IVF File
.job Task Scheduler Task Object
.jod MS.Jet.OLEDB.4.0
.jpe JPEG Image
.jpg JPEG Image
.JSE Jscript Encoded Script File Ink Shortcut -
Executable
.lnk Shortcut (NeverShowExt) - Executable
.lsf Streaming Audio/Video file
.lsx Streaming Audio/Video shortcut
.lwv MS Linguistically Enhanced Sound File
.lzh WinZip File
.m1v Movie Clip
.m3u WinAmp Playlist file
.mad MS Access Module Shortcut (NeverShowExt) -
Executable?
.maf MS Access Form Shortcut (NeverShowExt) -
Executable?
.mag MS Access Diagram Shortcut (NeverShowExt) -
Executable?
.mam MS Access Macro Shortcut (NeverShowExt) -
Executable?
.maq MS Access Query Shortcut (NeverShowExt) -
Executable?
.mar MS Access Report Shortcut (NeverShowExt) -
Executable?
.mas MS Access StoredProcedure shortcut (NeverShowExt)
-
Executable?
.mat MS Access Table Shortcut (NeverShowExt) -
Executable?
.mav MS Access View Shortcut (NeverShowExt) -
Executable?
.maw MS Access Data Access Page Shortcut
(NeverShowExt) -
Executable?
.mda MS Access Add-in
.mdb MS Access Application - Executable
.mde MS Access MDE Database - Executable
.mdn MS Access Blank Database Template
.mdt MS Access Add-in data
.mdw MS Access Workgroup Information
.mdz MS Access Database Wizard Template
.mht MS MHTML Document Document 5.0
.mid WinAmp media file
.mim WinZip file
.mmc Medias Catalog
.mod WinAmp Media file
.mov Video Clip
.mp1 Winamp Media file
.mp2 WinAmp Media file
.mp3 Winamp Media file
.mpa Movie Clip
.mpe Movie Clip
.mpg Movie Clip
.msc MSC File - Executable
.MSC MS Common Console Document
.msg Outlook Item
.msi Windows Installer Package - Executable
.msp Windows Installer Patch - Executable
.MST Visual Test Source Files - Executable
.mtm WinAmp Media file
.nsc NSC File
.nws Outlook Express News Message
.oft Outlook Item Template
.opx MS Organization Chart 2.0
.oqy MS Excal OLAP Query File
.oss Office Search
.p10 Certificate Request
.p12 Personnal Information Exchange
.p7b PKCS #7 Certificates
.p7m PKCS #7 MIME Message
.p7r Certificate Request Response
.p7s PKCS #7 Signature
.PCD Photo CD Image - Executable
.pcx PCX Image Document
.pdf Adobe Acrobat Document
.pfx Personnal Information Exchange
.pif Shortcut to MS-DOS Program (NeverShowExt) -
Executable
.pko Public Key Security Object
.pls Winamp Playlist file
.png PNG Image
.pot MS PowerPoint Template
.ppa MS PowerPoint Addin
.pps MS PowerPoint Slide Show
.ppt MS PowerPoint Presentation
.prf PICSRules File
.pwz MS PowerPoint Wizard
.qcp QUALCOMM PureVoice File
.que Task Scheduler Queue Object
.rat Rating System File
.reg Registration Entries - Executable
.rmf Adobe Webbuy Plugin
.rmi MIDI Sequence
.rqy MS Excel OLE DB Query files
.rtf Rich Text Format
.s3m WinAmp Media file
.scf Windows Explorer Command (NeverShowExt, generic
icon) -
Executable?
.scp Dial-Up Networking Script
.scr Screen Saver File - Executable
.sct Windows Script Component - Executable
.shb Shortcut into a document (NeverShowExt) -
Executable
.shf PGP Share
.shs Shell Scrap object (NeverShowExt) - Executable
.sig PGP Detached signature file
.skr PGP Private Keyring
.slk MS Excel SLK Data Import Format
.snd AU Format Sound
.snp Snapshot File
.spa Flash Movie
.spc PKCS #7 Certificates
.spl Shockwave Flash Object
.sst Certificate Store
.sta sta file (Eudora)
.stl Certificate Trust List
.stm WinAmp media file
.swf Shockwave Flash Object
.swt Generator Template
.sys System file
.tar WinZip file
.taz WinZip file
.tgz WinZip file
.tif TIF Image Document
.ttf TrueType Font file
.txt Text Document
.udl MS Data Link
.uls Internet Location Service (generic icon) -
Executable?
.ult Winamp media file
.url Internet Shortcut (NeverShowExt) - Executable
.uue Winzip File
.VBE VBScript Encoded Script File - Executable
.VBS VBScript Script File - Executable
.vcf vCard File
.vcs vCalendar File
.voc Winamp Medias file
.vsd VISIO 5 drawing
.vss VISIO 5 drawing
.vst VISIO 5 drawing
.vsw VISIO 5 drawing
.vxd Virtual device driver
.wab Address Book File
.wav Winamp media file
.wbk MS Word Backup Document
.wht MS NetMeeting Whiteboard Document
.wif WIF Image Document
.wiz MS Word Wizard
.wlg Dr. Watson Log
.wma Winamp media file
.WPD WordPerfect file
.wpz Winamp extension installation file
.wri Write Document
.wsc Windows Script Component - Executable
.WSF Windows Script File - Executable
.WSH Windows Scripting Host Settings File - Executable
.wsz Winamp extension installation file
.xif XIF Image Document
.xla MS Excel Add-in
.xlb MS Excel Worksheet
.xlc MS Excel Chart
.xld MS Excel 5.0 DialogSheet
.xlk MS Excel Backup File
.xll MS Excel XLL
.xlm MS Excel 4.0 Macro
.xls MS Excel Worksheet
.xlt MS Excel Template
.xlv MS Excel VBA Module
.xlw MS Excel Workspace
.xml XML Document
.xnk Exchange Shortcut (NeverShowExt) - Executable?
.xsl XSL Stylesheet
.xxe Winzip file
.z WinZip file
.zip Winzip file
.zl0 ... .zly ZoneAlarm Mailsafe file
==
Here is my sorted list:
==
File Extensions
.323 H.323 Internet Telephony
.386 Virtual Device Driver
.669 WinAmp media file
.aca MS Agent Character file
.acf MS Agent Character file
.acg MS Agent Preview file
.acs MS Agent Character file
.ade MS Access Project Extension - Executable
.adn MS Access Blank Project Template
.adp MS Access Project - Executable
.aif Sound Clip
.ani Animated Cursor
.arc Winzip File
.arj Winzip File
.art ART image
.as Test file
.asa Active Server Document
.asf Streaming Audio/Video File
.asp Active Server Document
.asx Streaming Audio/Video shortcut - Executable
.au AU Format Sound
.avi Video clip
.awd Fax Viewer Document
.b64 WinZip file
.bas Visual Basic Class Module - Executable
.bat MD-DOS Batch file - Executable
.bhx WinZip file
.bmp Bitmap Image
.c C source code
.cab WinZip file
.cat Security Catalog
.cda WinAmo media file
.cdf Channel File
.cdx Active Server Document
.cer Security Certificate
.chm Compiled HTML Help file - Executable
.cil Clip Gallery Download Package
.cmd Windows NT Command Script - Executable
.cnf SpeedDial (NeverShowExt) - Executable
.com MS-DOS Application - Executable
.cpl Control Panel extension - Executable
.crl Certificate Revocation List
.crt Security Certificate - Executable
.css Cascading Style Sheet Document
.csv MS Excel Comma Separated Values file
.cur Cursor
.dcx DCX Image Document
.der Security Certificate
.dic Text Document
.dif MS Excel Data Interchange Format
.dll Application Extension
.doc MS Word Document
.dot MS Word Template
.dqy MS Excel ODBC Query file
.drv Device Driver
.dsm WinAmp media file
.dsn MS OLE DB Provider for ODBC Drivers
.dun Dial-Up Networking Exported file
.eml Outlook Express Mail Message
.exc Text Document
.exe Application - Executable, by definition
.far WinAmp media file
.fav Outlook Bar Shortcuts
.fdf Adobe Acrobat Forms Document
.fnd Saved Search
.fon Font file
.gfi GFI File
.gfx GFX File
.gif GIF Image
.gim GIM File
.gix GIX File
.gna GNA File
.gnx GNX File
.gra MS Graph 2000 Chart
.grp MS Program Group
.gwx GWX File
.gwz GWZ File
.gz WinZip file
.h C definition code
.hlp Help File - Executable
.hqx WinZip File
.ht HyperTerminal file
.hta HTML Application - Executable
.htm MS HTML Document 5.0
.htt HyperText Template
.htx Internet Database Connector HTML Template
.icc ICC Profile
.icm ICC Profile
.ics iCalendar File
.idf MIDI Instrument Definition
.iii Intel IPhone Compatible
.inf Setup information - Executable
.ini Configuration Settings
.ins Internet Communication Settings - Executable
.iqy MS Excel Web Query File
.isp Internet Communication Setting - Executable
.it WinAmp media file
.its Internet Document Set
.ivf IVF File
.job Task Scheduler Task Object
.jod MS.Jet.OLEDB.4.0
.jpe JPEG Image
.jpg JPEG Image
.js JScript file - Executable
.jse Jscript Encoded Script File Ink Shortcut -
Executable
.lnk Shortcut (NeverShowExt) - Executable
.lsf Streaming Audio/Video file
.lsx Streaming Audio/Video shortcut
.lwv MS Linguistically Enhanced Sound File
.lzh WinZip File
.m1v Movie Clip
.m3u WinAmp Playlist file
.mad MS Access Module Shortcut (NeverShowExt) -
Executable?
.maf MS Access Form Shortcut (NeverShowExt) -
Executable?
.mag MS Access Diagram Shortcut (NeverShowExt) -
Executable?
.mam MS Access Macro Shortcut (NeverShowExt) -
Executable?
.maq MS Access Query Shortcut (NeverShowExt) -
Executable?
.mar MS Access Report Shortcut (NeverShowExt) -
Executable?
.mas MS Access StoredProcedure shortcut (NeverShowExt)
-
Executable?
.mat MS Access Table Shortcut (NeverShowExt) -
Executable?
.mav MS Access View Shortcut (NeverShowExt) -
Executable?
.maw MS Access Data Access Page Shortcut
(NeverShowExt) -
Executable?
.mda MS Access Add-in
.mdb MS Access Application - Executable
.mde MS Access MDE Database - Executable
.mdn MS Access Blank Database Template
.mdt MS Access Add-in data
.mdw MS Access Workgroup Information
.mdz MS Access Database Wizard Template
.mht MS MHTML Document Document 5.0
.mid WinAmp media file
.mim WinZip file
.mmc Medias Catalog
.mod WinAmp Media file
.mov Video Clip
.mp1 Winamp Media file
.mp2 WinAmp Media file
.mp3 Winamp Media file
.mpa Movie Clip
.mpe Movie Clip
.mpg Movie Clip
.msc MS Common Console Document - Executable
.msg Outlook Item
.msi Windows Installer Package - Executable
.msp Windows Installer Patch - Executable
.mst Visual Test Source Files - Executable
.mtm WinAmp Media file
.nsc NSC File
.nws Outlook Express News Message
.oft Outlook Item Template
.opx MS Organization Chart 2.0
.oqy MS Excal OLAP Query File
.oss Office Search
.p10 Certificate Request
.p12 Personnal Information Exchange
.p7b PKCS #7 Certificates
.p7m PKCS #7 MIME Message
.p7r Certificate Request Response
.p7s PKCS #7 Signature
.pcd Photo CD Image - Executable
.pcx PCX Image Document
.pdf Adobe Acrobat Document
.pfx Personnal Information Exchange
.pif Shortcut to MS-DOS Program (NeverShowExt) -
Executable
.pko Public Key Security Object
.pl Perl file
.pls Winamp Playlist file
.png PNG Image
.pot MS PowerPoint Template
.ppa MS PowerPoint Addin
.pps MS PowerPoint Slide Show
.ppt MS PowerPoint Presentation
.prf PICSRules File
.ps PS file
.pwz MS PowerPoint Wizard
.py Python file
.qcp QUALCOMM PureVoice File
.qt QuickTime Video Clip
.que Task Scheduler Queue Object
.rat Rating System File
.reg Registration Entries - Executable
.rmf Adobe Webbuy Plugin
.rmi MIDI Sequence
.rqy MS Excel OLE DB Query files
.rtf Rich Text Format
.s3m WinAmp Media file
.scf Windows Explorer Command (NeverShowExt, generic
icon) -
Executable?
.scp Dial-Up Networking Script
.scr Screen Saver File - Executable
.sct Windows Script Component - Executable
.shb Shortcut into a document (NeverShowExt) -
Executable
.shf PGP Share
.shs Shell Scrap object (NeverShowExt) - Executable
.sig PGP Detached signature file
.skr PGP Private Keyring
.slk MS Excel SLK Data Import Format
.snd AU Format Sound
.snp Snapshot File
.spa Flash Movie
.spc PKCS #7 Certificates
.spl Shockwave Flash Object
.sst Certificate Store
.sta sta file (Eudora)
.stl Certificate Trust List
.stm WinAmp media file
.swf Shockwave Flash Object
.swt Generator Template
.sys System file
.tar WinZip file
.taz WinZip file
.tgz WinZip file
.tif TIF Image Document
.ttf TrueType Font file
.txt Text Document
.tz WinZip file
.udl MS Data Link
.uls Internet Location Service (generic icon) -
Executable?
.ult Winamp media file
.url Internet Shortcut (NeverShowExt) - Executable
.uu WinZip file
.uue Winzip File
.vb VBScript File - Executable
.vbe VBScript Encoded Script File - Executable
.vbs VBScript Script File - Executable
.vcf vCard File
.vcs vCalendar File
.voc Winamp Medias file
.vsd VISIO 5 drawing
.vss VISIO 5 drawing
.vst VISIO 5 drawing
.vsw VISIO 5 drawing
.vxd Virtual device driver
.wab Address Book File
.wav Winamp media file
.wbk MS Word Backup Document
.wht MS NetMeeting Whiteboard Document
.wif WIF Image Document
.wiz MS Word Wizard
.wlg Dr. Watson Log
.wm Windows Media Audio/Video File
.wma Winamp media file
.wpd WordPerfect file
.wpz Winamp extension installation file
.wri Write Document
.wsc Windows Script Component - Executable
.wsh Windows Script File - Executable
.wsh Windows Scripting Host Settings File - Executable
.wsz Winamp extension installation file
.xif XIF Image Document
.xla MS Excel Add-in
.xlb MS Excel Worksheet
.xlc MS Excel Chart
.xld MS Excel 5.0 DialogSheet
.xlk MS Excel Backup File
.xll MS Excel XLL
.xlm MS Excel 4.0 Macro
.xls MS Excel Worksheet
.xlt MS Excel Template
.xlv MS Excel VBA Module
.xlw MS Excel Workspace
.xm WinAmp media file
.xml XML Document
.xnk Exchange Shortcut (NeverShowExt) - Executable?
.xsl XSL Stylesheet
.xxe Winzip file
.z WinZip file
.z0 Z0 file (ZoneAlarm)
.z1 Z1 file (ZoneAlarm)
.zip Winzip file
.zl0 ... .zly ZoneAlarm Mailsafe file
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
