Whats the worst thing HTML can do?
Results 1 to 10 of 10

Thread: Whats the worst thing HTML can do?

  1. #1
    Member
    Join Date
    May 2002
    Posts
    40

    Question Whats the worst thing HTML can do?

    From time to time I look at new exploits and sometimes I see exploit that cause HTML to run on "My Computer" zone, but As far as i know, the "worst" thing you can do with HTML is activate an EXE file.

    So I say to myself, Oh no, im doomed, someone can activate my calculator!

    Thats why I was wondering, what is the worst thing HTML that runs on "My Computer" zone can do? Why do i need to defend against those?

  2. #2
    Purveyor of Lather Syini666's Avatar
    Join Date
    Aug 2001
    Posts
    553
    Well running an exe is pretty bad actually. For instance, one could run a telnet server (like the one that comes with windows 2000 pro) and exploit that. Someone could also open multiple exes so fast that it crashes the system (a couple hundred copies of calculator running would probably not be a good thing unless you have mountains of RAM to spare) I've seen a few HTML type of exploits happen, and they arent too cool, esp that one a while back that could read your MSN Messenger contact list.
    You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    html isnt really the danger. it's the scripts that can run from it. these can download and run exe's like trojans and virus files. if you want to see an example, the next time you find nimda or code red code in your server logs, go browse the site that sent it. you'll become infected even if you have the patchs installed on your server by the java script that it appends to the infected sites home page.

    opening calc is just to show, harmlessly, that scripts can run exes without your permission. it could, just as easly run a copy of netcat or the tini backdoor it's just downloaded
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  4. #4
    Member
    Join Date
    May 2002
    Posts
    40
    these can download and run exe's like trojans and virus files
    I checked it, and by default, the setting for download permission for signed ActiveX controls is "Prompt", and the setting for download unsigned ActiveX controls in the "My Computer" zone is "Disable".

    so even if an html runs in "My computer" zone, it cannot download and run EXE's or ActiveX's, it can only run EXE's that are already on that computer. yeah, that can be bad, I agree that in some cases, some EXE's can do a bit harm, or 30294 Calculators can be annoying, but its still not that critical, right?

  5. #5
    Senior Member Unl3Ashed's Avatar
    Join Date
    Aug 2002
    Posts
    103
    IMHO most of these attacks could be solved by NOT using Internet explorer and disabling java.
    here is a list of some attacks ( Unpatched IE security holes ) : http://www.pivx.com/larholm/unpatched/
    In above site you can also test yourself to See if you are vulnerable or not.

    Some of those unpathced attacks are :
    Java XMLDSO base tag
    delegated SSL authority
    CTRL-key file upload focus
    FTP Folder View XSS
    Self-executing HTML Help
    HTML Help ActiveX
    IE dot bug
    Security zone transfer
    script src" local file enumeration
    IE https certificate attack

    And many others which if you know you won't use IE at all.
    "Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
    - Albert Einstein

  6. #6
    Scarey......Thanks for the link to pivx.com

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    I checked it, and by default, the setting for download permission for signed ActiveX controls is "Prompt", and the setting for download unsigned ActiveX controls in the "My Computer" zone is "Disable".
    What about active scripting and your java permissions?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8

  9. #9
    Junior Member
    Join Date
    Aug 2002
    Posts
    14

    run exe's?

    The ability to run local exe's gives the hacker the ability to do anything he wants to. Just the ability to run cmd.exe presents unlimited potential for a hacker. He could format your drive, add an account for himself, start vulnerable services, connect over the internet to his system and install "rootkits", you name it and it can be done from the command line.

  10. #10
    Senior Member
    Join Date
    Dec 2001
    Posts
    151
    there's also the ability to read and set clipboard content. if they opened up a frameless window you can track what they have on a persons clipboard... and depending on what they place in their clipboard it could also be quite dangerous....

    the exploit:
    http://tom.me.uk/clipboard/exploit.html
    -[h3llbringer] is back, again.
    -MSN CLoNE.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •