-
January 31st, 2004, 04:48 AM
#11
-
January 31st, 2004, 09:52 AM
#12
sometimes 576869746568617's thinking is just scary no need to see proof of concept I think you are on to something just glad you are a white hat.
you are a white hat aren't you?
[Shadow] have you ever noticed work is like a tree full of monkeys you look down and all you see is monkeys below you then you look up and all you see is a bunch of *******s above[/shadow]
-
January 31st, 2004, 10:01 AM
#13
Senior Member
576869746568617
good thinking... that is why I asked neohunk to send that .bat file so we can see what is inside...
correct me if I'm wrong, but you will need two files attached to run this scenario.
If you embed VBS in HTML body of message how can it detect that you started .bat?
and if script does all dirty work, why does it need .bat file? I mean, if it can be done silently, why to raise alarm... it would look just like some spam.
wait, maybie I got it... VBS drops another file on your HDD, then you need .bat to run it? but then why not run it emediately???
damn, if I just could see the code I would figure it out.
Ikalo
------
Make your knowledge your deadliest weapon.
-
January 31st, 2004, 10:18 AM
#14
Acturally, ikalo, you don't need the batch file. In at least C/C++, with some basic header or another included, you have access to the "system();" function. It takes a string argument and pretty much executes that in MS-DOS or the Command Prompt. So you can have it execute anything you want it to, including the format command and anything else you can do from Command Prompt.
With that, you can simply have the .exe, you can probably even give it a icon resource to resemble what a .BAT file looks like, and might even be able to name it .BAT, although I don't know if the .BAT can be a binary executable. Without opening it and seeing that the information isn't TEXT, it could have done anything including that simple format command to simply produce an error so the user deletes it without looking or examining the .BAT file (which is really a renamed .EXE) Again, I don't know if the .BAT file can have binary executable data, but if it did this would be a reason you would want to examine what happened, and then realize "CRUD! This isn't plain-text..."
Basically the goal would be to scare the user into thinking "DELETE IT!" so they can't see what happened. I mean, if you see that error box, you think "I'm soooooooooooo luck it failed," when it could have been done on purpose to trick you and hide the real work...
Hope that clears it up. No idea if .BAT can be binary executable though and still work...
-
January 31st, 2004, 04:13 PM
#15
Junior Member
Originally posted here by rcgreen
Do yourself a favor and add a little tweak to your context menu.
http://www.dracon.net/regedit/reg04.html
Then you can right click any unknown file and open it in notepad.
I never double click unknown file types, but have several
custom options in my right click "context" menu like notepad, debug.exe,
hex edit, etc. The default action for BAT files is to execute
the commands contained in it. Not exactly the safest way to open
an unknown file.
Thank you very much!
It's convenient.
-
January 31st, 2004, 04:42 PM
#16
PoSer:
think you are on to something just glad you are a white hat. you are a whitehat aren't you?
I don't know.....lets find out! Type my handle out. Add the digits 400 to the end. Now treat it as a hexidecimal string and convert each byte into ASCII text. If you do it properly, you'll get an answer to your question.
I used to code in assembler, so I know hex real good!
-
February 1st, 2004, 07:35 AM
#17
576869746568617400 = Whitehat
Tisk* tisk* For every guy getting hyped up with over the top news attention about some new open source software or a break-in another kid will fallow simply because they want belonging, to look cool, or to simply gain a label. Which as we all know these things have nothing to do with computers.
Its the same way with punk in some ways. I like the old school hardcore punk but I don't call myself punk because this would mean that I would have "conformed" to something... which kinda rather goes agianst what alot of the hardcore stuff was about in the first place. Kinda crazy now that I think about it. But compair the average Joe Blow kiddie with some blink182 fan and you'll see what im saying.
The point of all this is to me... it seems by calling yourself something your actually just contradicting yourself later on. Esspecially when the label you choose to call yourself is a popular label yet has no true meaning to anyone now days.
49207375636B207768656E20706C6179696E6720776974682041534D2E00
-
February 1st, 2004, 08:12 AM
#18
Suck huh? LOL!
I see your point about the labeling....That's deep
I guess a more fitting label would have been "I exsist".
-
February 1st, 2004, 08:40 AM
#19
ASM ??????????????????????????????????
sorry for the one liner but wtf.
[Shadow] have you ever noticed work is like a tree full of monkeys you look down and all you see is monkeys below you then you look up and all you see is a bunch of *******s above[/shadow]
-
February 1st, 2004, 09:20 AM
#20
This has gone off topic but ahhh damn those acronyms and abbreviations!!
ASM (Assembly) and on occassions you'll run into:
MASM (Macro Assembler).
or NASM (Netwide Assembler).
or even worse HLA (High Level Assembly).
Are you seeing a pattern now? Then for disassembly they'll usually throw in DASM on the end. The list of things that I can uhhh... list, can go on and on.
I have also seen a few companies & things that have shortened the names down to ASM. As said before some labels are just messed up. Well there is that and the fact that when im doped up on meds im the only person who can understand what I say
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|