Re: [Full-disclosure] Re: Window's O/S
From: Gilles DEMARTY (gilles.demarty_at_gmail.com)
Date: Thu, 24 Nov 2005 17:40:22 +0100
To: firstname.lastname@example.org
You can work around this 'problem' and protect yourself against an
intruder by patching your registry:
(Do it at your own risk :)
HKLM\SOFTWARE\Microsoft\Internet Explorer\View Source Editor\Editor Name
and set the default key to 'c:\windows\notepad.exe' (or any editor you
want to use, providing the full path).
2005/11/24, Dave Korn <email@example.com>:
> Marek Isalski wrote in news:firstname.lastname@example.org
> >>> create a folder on the desktop and name it "notepad".
> >>> open internet explorer > go to view > source code > this will open the
> >>> contents of the notepad folder....!!
> >> Even better: rename any exe to notepad.exe ;)
> > Is this IE being so stupid as to run with a CWD of Desktop and
> > effectively doing a system("notepad")?
> > That'd explain explorer opening up folders called Notepad, and .exe files
> > being run. Bet it also works on MS Word documents (without a .doc
> > extension, probably), and any other magically executable file...
> > Certainly cmd.exe as notepad on the desktop suggests the CWD is your
> > Desktop (so presumably IE's CWD is also Desktop).
> Yep. You can't see that it's the cwd, but process explorer will show you
> it has a handle to desktop open.
> > Are there any other external apps IE is stupid enough to run without a
> > full path prefix? That could be fun too! :-)
> Dunno, but I'll tell you something I spotted the other day.
> Copy calc.exe to the root of your C:\ drive, and rename it to
> Fire up a recently-updated RealPlayer. Watch two instances of calc.exe
> appear. Close RealPlayer again. Watch two more instances of calc.exe
> Another un-quoted path with spaces in it. Phj33r!
> Can't think of a witty .sigline today....
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
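Added example (not from this thread or from any of its posters): a small Python model of the two lookups the thread is about, so you can see why a bare "notepad" launched with the desktop as current directory resolves to a planted notepad.exe, why the full-path registry value above fixes it, and why an unquoted path with spaces (the RealPlayer observation) can run a file like c:\program.exe instead. The search order is the documented Windows CreateProcess one (application directory, current directory, system directories, PATH, with .exe appended to an extension-less name; an unquoted path is split at each space in turn). The fake file set, the directory names, the "example player" path and the intruder-planted files are all constructed for the demo, and the case where a folder named notepad is opened in Explorer is not modelled.

```python
import ntpath

# Constructed fake filesystem for the demo (lower-case, compared case-insensitively).
# Only the idea of a notepad.exe on the desktop and a copied calc.exe at the
# root of C: comes from the thread; the names below are assumptions.
FAKE_FS = {
    r"c:\windows\notepad.exe",
    r"c:\windows\system32\calc.exe",
    r"c:\documents and settings\user\desktop\notepad.exe",  # planted by an intruder
    r"c:\program.exe",                                        # planted by an intruder
    r"c:\program files\example player\player.exe",            # hypothetical target
}

# Hypothetical IE install dir, desktop CWD, system dirs and PATH (assumptions).
APP_DIR = r"c:\program files\internet explorer"
DESKTOP = r"c:\documents and settings\user\desktop"
SYSTEM_DIRS = [r"c:\windows\system32", r"c:\windows"]
PATH_DIRS = [r"c:\windows\system32", r"c:\windows"]


def exists(path):
    return path.lower() in FAKE_FS


def resolve_program(name, app_dir, cwd, system_dirs=SYSTEM_DIRS, path_dirs=PATH_DIRS):
    """Resolve an executable name the way CreateProcess does for a bare command:
    append .exe if there is no extension, then search the application directory,
    the current directory, the system directories and PATH, in that order.
    A name that already has a directory part is used as given (relative names
    are taken against cwd).  Returns the first existing candidate, or None."""
    if not ntpath.splitext(name)[1]:
        name += ".exe"
    if ntpath.dirname(name):
        full = name if ntpath.isabs(name) else ntpath.join(cwd, name)
        return full if exists(full) else None
    for d in [app_dir, cwd, *system_dirs, *path_dirs]:
        cand = ntpath.join(d, name)
        if exists(cand):
            return cand
    return None


def command_candidates(command_line):
    """Executable paths CreateProcess tries for a command line whose program
    path is not quoted: the prefix up to each space in turn, with .exe added
    when that prefix has no extension.  A quoted path yields one candidate."""
    if command_line.startswith('"'):
        end = command_line.find('"', 1)
        return [command_line[1:end]] if end > 0 else []
    parts = command_line.split(" ")
    cands = []
    for i in range(1, len(parts) + 1):
        prefix = " ".join(parts[:i])
        if not ntpath.splitext(prefix)[1]:
            prefix += ".exe"
        cands.append(prefix)
    return cands


def first_hit(command_line):
    """First candidate of command_candidates() that exists in FAKE_FS."""
    return next((c for c in command_candidates(command_line) if exists(c)), None)


def editor_value_is_safe(value):
    """Check a View Source Editor value: it must be an absolute path, and
    quoted if it contains spaces, so that neither the CWD search nor the
    space-splitting above can redirect it."""
    v = value.strip()
    if len(v) >= 2 and v.startswith('"') and v.endswith('"'):
        return ntpath.isabs(v[1:-1])
    return ntpath.isabs(v) and " " not in v


if __name__ == "__main__":
    # Bare "notepad" with the desktop as CWD: the planted file wins.
    print(resolve_program("notepad", APP_DIR, DESKTOP))
    # Same bare name from a clean CWD: the real notepad.
    print(resolve_program("notepad", APP_DIR, "c:\\"))
    # The registry workaround: a full path is never searched for.
    print(resolve_program(r"c:\windows\notepad.exe", APP_DIR, DESKTOP))
    # Unquoted path with spaces: c:\program.exe runs instead of the player.
    print(first_hit(r"c:\program files\example player\player.exe"))
    # Quoted, the same path resolves only to the intended file.
    print(first_hit('"c:\\program files\\example player\\player.exe"'))
```

The check in editor_value_is_safe is what you want to apply to the registry value after setting it: a bare name such as "notepad" fails, "c:\windows\notepad.exe" passes, and an editor installed under a path with spaces passes only when the value is wrapped in double quotes.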