Vulnerability Development mailing list archives
Re: ICQ Spoofing Question (or second dumb question of the day)
From: Ozy --- <ben_gun () HOTMAIL COM>
Date: Sun, 24 Sep 2000 16:53:56 GMT
I guess what they meant is using a 'file.jpg <lots of spaces> .exe'. i've encountered a few lame a$$e$ who tried to trojan me this way. windows does not show the real extension of the file but the icon is different and you can see some spaces after the filename in the exploder. In this case, if you check the file properties, you'll see in the dos filename that the extension is .exe . APSM.
From: dis <dis () DISLOCATED NET> Reply-To: dis <dis () DISLOCATED NET> To: VULN-DEV () SECURITYFOCUS COM Subject: Re: ICQ Spoofing Question (or second dumb question of the day) Date: Thu, 21 Sep 2000 23:04:56 -0400 On Thu, 21 Sep 2000, Robert van der Meulen wrote: > > I remember a public statement they once stated someone had hacked icq > > accounts via a trojan JPEG image, uhh, yeah, ok (r33t). > I'm curious about how they did _that_ :) don't recall reading anything about > that... maybe it was really something like lame.jpg.exe (which could possibly fool REALLY dumb windows users who (a) have full filenames disabled, (b) see the faux .jpg extension, forget they have full filenames disabled, don't pay attention to the file's icon, and/or (c) werent paying attention at any point when it did happen to show the full filename. wasn't something similar done with the love bug "virus"? (what was it, love-letter-for-you.txt.vbs?) (slightly off topic, but, i have yet to see someone rant about this anywhere. hiding filename extensions is a pointless and potentially evil option.) -dis
_________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Current thread:
- Re: ICQ Spoofing Question (or second dumb question of the day), (continued)
- Re: ICQ Spoofing Question (or second dumb question of the day) Robert van der Meulen (Sep 20)
- Re: ICQ Spoofing Question (or second dumb question of the day) Masial (Sep 20)
- Re: ICQ Spoofing Question (or second dumb question of the day) Robert van der Meulen (Sep 21)
- Re: ICQ Spoofing Question (or second dumb question of the day) dis (Sep 22)
- Message not available
- Re: ICQ Spoofing Question (or second dumb question of the day) Audun (Sep 24)
- Re: ICQ Spoofing Question (or second dumb question of the day) Bluefish (P.Magnusson) (Sep 23)
- Re: ICQ Spoofing Question (or second dumb question of the day) Masial (Sep 24)
- Re: ICQ Spoofing Question (or second dumb question of the day) 3APA3A (Sep 20)