Re: Fwd: [nohack] Yet another way to disguise files.

[dan-bugtraq () DILVISH SPEED NET (Dan Harkless)]

Ron DuFresne <dufresne () WINTERNET COM> writes:
> Has anyone verified if this is also the case on NT boxen?

Yes -- I did my testing on NT 4.0 Service Pack 5.

One thing I've discovered since I made the NeverShowExt -> AlwaysShowExt
changes mentioned by the original author is that all shortcuts now have .lnk
on the ends of their names.  Kind of annoying (wish NTFS was a real file
system that allowed links without this "hide the file extension" hack).

It would be tempting to change .lnk back to NeverShowExt, but since
shortcuts can include parameters to a pointed-to executable, what's to stop
a malicious person from emailing a file called neatinfo.txt.lnk that's a
link to something like "C:\dos\format.exe C:"?  I'm sure there are scarier
examples as well, not requiring the user to have DOS installed or to have to
approve the destructive action.

----------------------------------------------------------------------
Dan Harkless                   | To prevent SPAM contamination, please
dan-bugtraq () dilvish speed net  | do not mention this private email
SpeedGate Communications, Inc. | address in Usenet posts.  Thank you.