[29074] in bugtraq
Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
daemon@ATHENA.MIT.EDU (D'Amato Luigi)
Thu Feb 27 12:03:42 2003
Message-ID: <00d301c2debc$9a7e94c0$6900a8c0@portatile>
From: "D'Amato Luigi" <luigidamato@networkingitalia.it>
To: <bugtraq@securityfocus.com>
Date: Thu, 27 Feb 2003 12:01:51 -1200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Confirm on 6.0.2800.1106
On my IE is present: SP1, q324929, q810847, q813951
D'Amato Luigi
Admin www.securitywireless.info
----- Original Message -----
From: "Dike" <Dike@tarita.co.id>
To: <bugtraq@securityfocus.com>
Sent: Tuesday, February 25, 2003 1:50 PM
Subject: RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
> Confirmed on IE 5.0 too :(
>
> Sorry One Liner,
> Dike
>
> > -----Original Message-----
> > From: http-equiv@excite.com [mailto:http-equiv@malware.com]
> > Sent: Wednesday, February 26, 2003 4:45 AM
> > To: bugtraq@securityfocus.com
> > Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
> > Tuesday, February 25, 2003
> >
> > We are delighted to learn that the original self-executing html file,
> > from June 1 2002 is now fixed with the most current of the many
> > patches for the Internet Explorer series of browsers. See:
> >
> > http://online.securityfocus.com/archive/1/275126
> >
> > Regrettably.
> >
> > The following file is an html file comprising both scripting and an
> > executable [*.exe].
> >
> > We inject scripting and an executable into the html file which is
> > designed to point back to the executable in the html file and execute
> > it. Provided the html file is an html file, Internet Explorer 5.5 and
> > 6.0 will execute it.
> >
> > Because it is an html file proper, Internet Explorer opens it. The
> > scripting inside is then parsed and fired. That scripting is pointing
> > back to the same executable file with our original codebase object
> > from the year 2000 and because it is a self-executing html file, it
> > executes !
> >
> > Tested IE5.5 and IE6. Fully self-contained harmless *.exe:
> >
> > http://www.malware.com/html.exe.zip
> >
> > Be aware of html files out there.
> >
> > Key Words: Trust it's Worthy so Think it's Tank silly obvious
> >
> > --
> > http://www.malware.com
>
>
>
