Re: ICQ Spoofing Question (or second dumb question of the day)

[Ozy --- <ben_gun () HOTMAIL COM>]

I guess what they meant is using a 'file.jpg <lots of spaces> .exe'.  i've
encountered a few lame a$$e$ who tried to trojan me this way.  windows does
not show the real extension of the file but the icon is different  and you
can see some spaces after the filename in the exploder.
In this case, if you check the file properties, you'll see in the dos
filename that the extension is .exe .

APSM.

> From: dis <dis () DISLOCATED NET>
> Reply-To: dis <dis () DISLOCATED NET>
> To: VULN-DEV () SECURITYFOCUS COM
> Subject: Re: ICQ Spoofing Question (or second dumb question of the day)
> Date: Thu, 21 Sep 2000 23:04:56 -0400
>
> On Thu, 21 Sep 2000, Robert van der Meulen wrote:
>
> > > I remember a public statement they once stated someone had hacked icq
> > > accounts via a trojan JPEG image, uhh, yeah, ok (r33t).
> > I'm curious about how they did _that_ :) don't recall reading anything
> about
> > that...
>
> maybe it was really something like lame.jpg.exe (which could possibly
> fool REALLY dumb windows users who (a) have full filenames disabled,
> (b) see the faux .jpg extension, forget they have full filenames disabled,
> don't pay attention to the file's icon, and/or (c) werent paying
> attention at any point when it did happen to show the full filename.
>
> wasn't something similar done with the love bug "virus"?
> (what was it, love-letter-for-you.txt.vbs?)
>
>
> (slightly off topic, but, i have yet to see someone rant about this
> anywhere.  hiding filename extensions is a pointless and potentially evil
> option.)
>
>
> -dis

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.