Vulnerability Development mailing list archives
Re: Bubble Boy Virus Spreading Mechanism
From: Andrew_Leong () EMAIL COM (Andrew Leong)
Date: Wed, 17 May 2000 11:40:53 +0800
Thanks Mr Hecix for forwarding the material. But some questions arise from it. It is obvious that the script uses the Scriptlet.TypeLib Control from the ClassID. However, why does it use 2 of them. And why is the one assided to SoupNazi not used? Is there an error in the script? Or does the other one use the EyeDog Control? If so then is the ClassID wrong? Next question, does the Vandelay.Doc = " **INSERT CODE HERE**" mean that the binary code is attached (like in buffer overflows?). How do we put the code in? And what happens when Vandelay.Write is executed? Does it create a temporary file with the code written into it? Then when Windoz reboots, does it auto-run it due to the Update.HTA file? Or is the code written into Update.HTA? Comments anyone? Thanks. Andrew Leong ____________________________________________________________________________ Public Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x1BFF3601 PGP Key Fingerprint = 92F8 EF74 19A3 EEC6 6B83 9D83 A61B 20C5 1BFF 3601 ____________________________________________________________________________
Current thread:
- Re: Bubble Boy Virus Spreading Mechanism Maxime Rousseau (May 15)
- <Possible follow-ups>
- Re: Bubble Boy Virus Spreading Mechanism Mr Hecix (May 16)
- Re: Bubble Boy Virus Spreading Mechanism Mr Hecix (May 16)
- Re: Bubble Boy Virus Spreading Mechanism Andrew Leong (May 16)
- Re: Bubble Boy Virus Spreading Mechanism Masial (May 16)
- Re: Bubble Boy Virus Spreading Mechanism . Hecix (May 17)