Vulnerability Development mailing list archives
Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs
From: kain () EGOTRIP DK (Knud Erik Højgaard)
Date: Sat, 15 Apr 2000 04:49:37 +0200
more than 3(three) exclamation marks is a sign of insanity. so is lousy english. removing wscript and cscript links is not a solution. nor is open source. the whole purpose(IMHO) with these languages is being able to do anything. open source on this will improve nothing. its like exchanging a command.com with an 'improved' one, where users cant type del and mkdir etc. ...uuuh..how would you run a server checking all the attachments being sent ? just search for 'malicious' strings ? people made computers. people will always find a loophole. the things you suggest are impossible. imagine searching for certain strings in all attachments..uiie..maybe on your 5 user network it would work...AFAIK the place i work have about 900 people...mailing _all_ the time..what kind of server would you use ? or would you disallow all attachments ? nice solution... search for certain strings in certain filetypes. untill someone discovers a new neat trick. ..where in windows is the its:// protocol(chm(compiled html) - for reading help files etc) described? nowhere. how many more of these 'secret' things are around? noone knows. so your solution is crap. thats all... beer rocks. sun sucks! Knud Erik Højgaard l33t h3lpd3sk 4$$munch At 14:26 11-05-00 -0600, you wrote:
I have users that are not willing to remove their wscript and cscript links.:-( I would like to see any time a *.vbs try to run a pgp checksum is sent to a PKI or LDAP server to be authenticated. Any program that fails will be send to the sysadmin. This should be easy because most users do not write there own vb scripts. I can see two or three ways of doing this. 1.) Simple rename wscript.exe to wscript.obj The write a program to be wscript.exe replacement that sends for authentication. The send the ole to the wscript.obj. 2.) Has MS open up the source code to wscript and cscript so we can rewrite are own. 3.) If MS add this themselves. <--- I do not thing this will happen because they said it's not our problem, NOT A BUG it is a feature. I also would like this to be expandable to all binary!!!!! If we are going to stop all virus and worms this is the best way I can think or. Enjoy, Richard Rager
Current thread:
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Knud Erik Højgaard (Apr 14)
- <Possible follow-ups>
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Harmer, Mike (May 12)
- regarding phrack49's stack smashing tutorial Christian Hammers (May 13)
- Re: regarding phrack49's stack smashing tutorial Precious Roy (May 13)
- Re: regarding phrack49's stack smashing tutorial Bluefish (May 13)
- QPOP2.5* exploit ?? Ryan Sweat (May 14)
- Re: QPOP2.5* exploit ?? H D Moore (May 14)
- Re: QPOP2.5* exploit ?? jms (May 13)
- Napster Fix optik (May 14)
- Re: QPOP2.5* exploit ?? Maurycy Prodeus (May 15)
- Re: QPOP2.5* exploit ?? jms (May 14)
- regarding phrack49's stack smashing tutorial Christian Hammers (May 13)