-
August 26th, 2002, 03:39 AM
#1
Whats the worst thing HTML can do?
From time to time I look at new exploits and sometimes I see exploit that cause HTML to run on "My Computer" zone, but As far as i know, the "worst" thing you can do with HTML is activate an EXE file.
So I say to myself, Oh no, im doomed, someone can activate my calculator!
Thats why I was wondering, what is the worst thing HTML that runs on "My Computer" zone can do? Why do i need to defend against those?
-
August 26th, 2002, 03:49 AM
#2
Well running an exe is pretty bad actually. For instance, one could run a telnet server (like the one that comes with windows 2000 pro) and exploit that. Someone could also open multiple exes so fast that it crashes the system (a couple hundred copies of calculator running would probably not be a good thing unless you have mountains of RAM to spare) I've seen a few HTML type of exploits happen, and they arent too cool, esp that one a while back that could read your MSN Messenger contact list.
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
-
August 26th, 2002, 04:02 AM
#3
html isnt really the danger. it's the scripts that can run from it. these can download and run exe's like trojans and virus files. if you want to see an example, the next time you find nimda or code red code in your server logs, go browse the site that sent it. you'll become infected even if you have the patchs installed on your server by the java script that it appends to the infected sites home page.
opening calc is just to show, harmlessly, that scripts can run exes without your permission. it could, just as easly run a copy of netcat or the tini backdoor it's just downloaded
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
August 26th, 2002, 05:41 AM
#4
these can download and run exe's like trojans and virus files
I checked it, and by default, the setting for download permission for signed ActiveX controls is "Prompt", and the setting for download unsigned ActiveX controls in the "My Computer" zone is "Disable".
so even if an html runs in "My computer" zone, it cannot download and run EXE's or ActiveX's, it can only run EXE's that are already on that computer. yeah, that can be bad, I agree that in some cases, some EXE's can do a bit harm, or 30294 Calculators can be annoying, but its still not that critical, right?
-
August 26th, 2002, 06:21 AM
#5
IMHO most of these attacks could be solved by NOT using Internet explorer and disabling java.
here is a list of some attacks ( Unpatched IE security holes ) : http://www.pivx.com/larholm/unpatched/
In above site you can also test yourself to See if you are vulnerable or not.
Some of those unpathced attacks are :
Java XMLDSO base tag
delegated SSL authority
CTRL-key file upload focus
FTP Folder View XSS
Self-executing HTML Help
HTML Help ActiveX
IE dot bug
Security zone transfer
script src" local file enumeration
IE https certificate attack
And many others which if you know you won't use IE at all.
"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
- Albert Einstein
-
August 26th, 2002, 03:33 PM
#6
Member
Scarey......Thanks for the link to pivx.com
-
August 26th, 2002, 05:19 PM
#7
I checked it, and by default, the setting for download permission for signed ActiveX controls is "Prompt", and the setting for download unsigned ActiveX controls in the "My Computer" zone is "Disable".
What about active scripting and your java permissions?
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
August 26th, 2002, 05:38 PM
#8
Member
-
August 26th, 2002, 06:17 PM
#9
Junior Member
run exe's?
The ability to run local exe's gives the hacker the ability to do anything he wants to. Just the ability to run cmd.exe presents unlimited potential for a hacker. He could format your drive, add an account for himself, start vulnerable services, connect over the internet to his system and install "rootkits", you name it and it can be done from the command line.
-
August 26th, 2002, 07:22 PM
#10
Senior Member
there's also the ability to read and set clipboard content. if they opened up a frameless window you can track what they have on a persons clipboard... and depending on what they place in their clipboard it could also be quite dangerous....
the exploit:
http://tom.me.uk/clipboard/exploit.html
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|