Demo link (execute a program on a remote machine )
Results 1 to 8 of 8

Thread: Demo link (execute a program on a remote machine )

  1. #1

    Post Demo link (execute a program on a remote machine )

    Sorry if this is posted in the wrong forum, can't find the right one...

    http://www.liquidwd.freeserve.co.uk/

    This little demonstration could happen, but not in demo mode, to ye i guess.
    How do one protect one self from this ? Seems a little bit scary to a newbie like me...

    P-man
    You start to wonder if you really know yourself, when you smell your exkrements...

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    429
    run *nix
    [glowpurple]manually editing your config files can break them. If this happens, you get to keep both pieces. [/glowpurple]

  3. #3
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    hmm.. here is an idea... It worked for me on that page.

    Disable scripting in IE or, set it to prompt you to run a script...

  4. #4
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    ok.. I admit, it is a pain in the ass to have scripting set to prompt.

    Simply to reply to this thread after setting scripting to promt forced me to click ok 5 times...

    And I suspect it would not work at all if you disabled scripting entirely.

    Perhaps a different browser might work...

    Netscape perhaps... or

    Opera

    http://www.opera.com/

    I think that the main problem with scripting in IE is that IE is windows for all intents and purposes. So, scripts have access to core operating system commands by interfacing with IE.

    I could be wrong... maybe all browsers have a similar problem with scripting in windows..

    IchNiSan

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    FYI:

    my ie6 prompts for scripts, says they are probably safe to run, ta dah! command shell.

    opera 6 dosn't ask, dosn't run it
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Flash M0nkey
    Join Date
    Sep 2001
    Posts
    3,447
    this script would open a command window when viewed in IE5/6 under WindowsXP and Win2k (possibly also WinME).
    heh for once am glad am still stuck with 95 did sweet fa even tho am running IE 5.5

    v_Ln

  7. #7
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    This shows the vulnerabilities of Windows, but there is a simple way to fix this exploit.... And all it takes is 7 simple characters..... Boot into DOS and type in 'format C:' problem solved

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Posts
    356
    set prompt for scripting for the "internet" zone, then add this site to your "trusted" zone. do the same with sites you trust. and *poof* problem goes away...
    -8-

    There are 10 types of people in this world: those who understand binary, and those who dont.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •