Bugtraq mailing list archives
Re: [Full-disclosure] Binary Planting Goes "Any File Type"
From: Dan Kaminsky <dan () doxpara com>
Date: Fri, 8 Jul 2011 12:10:31 -0700
And here's where your exploit stops being one: === Suppose the current version of Apple Safari (5.0.5) is our default web browser. If we put the above files in the same directory (on a local drive or a remote share) and double-click Test.html, what happens is the following: === At this point, Test.html might actually be test.exe with the HTML icon embedded. Everything else then is unnecessary obfuscation -- code execution was already possible the start by design. This is a neat vector though, and it's likely that with a bit more work it could be turned into an actual RCE. On Fri, Jul 8, 2011 at 10:38 AM, ACROS Security Lists <lists () acros si> wrote:
We published a blog post on a nice twist to binary planting which we call "File Planting." There'll be much more of this from us in the future, but here's the first sample for you to (hopefully) enjoy. http://blog.acrossecurity.com/2011/07/binary-planting-goes-any-file-type.html or http://bit.ly/nXmRFD Best regards, Mitja Kolsek CEO&CTO ACROS, d.o.o. Makedonska ulica 113 SI - 2000 Maribor, Slovenia tel: +386 2 3000 280 fax: +386 2 3000 282 web: http://www.acrossecurity.com blg: http://blog.acrossecurity.com ACROS Security: Finding Your Digital Vulnerabilities Before Others Do _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" Dan Kaminsky (Jul 11)
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" Mitja Kolsek (Jul 11)
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" Dan Kaminsky (Jul 11)
- Re: [Full-disclosure] Binary Planting Goes "Any File Type" Mitja Kolsek (Jul 11)