Vulnerability Development mailing list archives

Re: .com

From: dullien () gmx de
Date: Tue, 2 Oct 2001 11:10:19 -0700

Hey Pauli,

somehow we're replicating our work ;)

PO> dunno if this has already occurred in people's mind but
PO> as there is the nice similarity between the ancient .com
PO> executable file extension and the tld .com ignorant
PO> clients could be fooled by sending executables that
PO> are named after popular .com www-sites. clear enough?-)

Yes, and most funnily: You don't need to actually have a .com file
in there - The operating system checks for the MZ/ZM signature,
and then hands the file over to the .EXE handler if present. Therefore
you can just rename any .EXE file .com and it will properly execute.

Cheers,
Thomas


-- 
Mit freundlichen Grüssen
dullien () gmx de                            mailto:dullien () gmx de

Current thread:

.com Pauli Ojanperä (Oct 02)
- Re: .com Nexus (Oct 02)
- Re: .com dullien (Oct 02)
  - Re: .com Enrique A. Sanchez Montellano (Oct 03)