Bugtraq mailing list archives
Re: Fwd: [nohack] Yet another way to disguise files.
From: dan-bugtraq () DILVISH SPEED NET (Dan Harkless)
Date: Thu, 18 May 2000 13:59:18 -0700

Ron DuFresne <dufresne () WINTERNET COM> writes:
> Has anyone verified if this is also the case on NT boxen?

Yes -- I did my testing on NT 4.0 Service Pack 5.

One thing I've discovered since I made the NeverShowExt -> AlwaysShowExt changes mentioned by the original author is that all shortcuts now have .lnk on the ends of their names. Kind of annoying (wish NTFS was a real file system that allowed links without this "hide the file extension" hack).

It would be tempting to change .lnk back to NeverShowExt, but since shortcuts can include parameters to a pointed-to executable, what's to stop a malicious person from emailing a file called neatinfo.txt.lnk that's a link to something like "C:\dos\format.exe C:"? I'm sure there are scarier examples as well, not requiring the user to have DOS installed or to have to approve the destructive action.

----------------------------------------------------------------------
Dan Harkless                     | To prevent SPAM contamination, please
dan-bugtraq () dilvish speed net | do not mention this private email
SpeedGate Communications, Inc.   | address in Usenet posts.  Thank you.
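
A check for the attachment case raised in the message above, as an added example that is not part of the original post: it computes the name Explorer would display when the real extension belongs to a NeverShowExt class and flags names that then appear to end in a different extension. The function names, the `HIDDEN_EXTS` set and every sample name except neatinfo.txt.lnk are assumptions made for illustration.

```python
import ntpath

# ".lnk" is the class discussed in the message. Extend this set (assumption:
# maintained per site) with every extension whose file class still carries
# NeverShowExt on the hosts being protected.
HIDDEN_EXTS = frozenset({".lnk"})


def _leaf(filename):
    # Keep only the leaf name; Win32 drops trailing spaces and dots on create.
    return ntpath.basename(filename).rstrip(" .")


def displayed_name(filename, hidden_exts=HIDDEN_EXTS):
    """Name Explorer shows when the final extension's class has NeverShowExt."""
    base = _leaf(filename)
    stem, ext = ntpath.splitext(base)
    return stem if ext.lower() in hidden_exts else base


def is_disguised(filename, hidden_exts=HIDDEN_EXTS):
    """True when hiding the real extension leaves a name that seems to have another one."""
    base = _leaf(filename)
    shown = displayed_name(base, hidden_exts)
    if shown == base:
        return False  # the real extension stays visible, nothing is hidden
    fake = ntpath.splitext(shown)[1][1:]  # apparent extension, without the dot
    return 1 <= len(fake) <= 4 and fake.isalnum()


def audit(filenames, hidden_exts=HIDDEN_EXTS):
    """Return (real name, displayed name) for each attachment to hold for review."""
    return [(_leaf(n), displayed_name(n, hidden_exts))
            for n in filenames if is_disguised(n, hidden_exts)]


# Constructed sample attachment names; only the first comes from the message.
SAMPLE = [
    "neatinfo.txt.lnk",
    "Shortcut to Notepad.lnk",      # ordinary shortcut, no second extension
    "README.txt",                   # real extension is visible
    "C:\\inbox\\REPORT.DOC.LNK",    # path and upper case are normalised
]

if __name__ == "__main__":
    for real, shown in audit(SAMPLE):
        print(f"hold for review: {real!r} would display as {shown!r}")
```

A legitimate shortcut whose own name contains a dot (for example one ending in `.v2.lnk`) is also flagged, so treat a hit as a reason to show the full name to the user rather than as proof of malice.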