RE: [Full-disclosure] Window's O/S

• Previous message: Aditya Deshmukh: "RE: [Full-disclosure] Return of the Phrack High Council"
• In reply to: Marek Isalski: "Re: [Full-disclosure] Window's O/S"
• Next in thread: Cassidy Macfarlane: "RE: [Full-disclosure] Window's O/S"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Marek Isalski'" <Marek.Isalski@smuht.nwest.nhs.uk>, <full-disclosure@lists.grok.org.uk>
Date: Fri, 25 Nov 2005 08:46:54 +0530

 
> > > create an folder on deskop and name it as "notepad".
> > > open internet explorer > go to view > source code > this
> will open the
> > > contents of notepad folder....!!
> > Even better: rename any exe to notepad.exe ;)
>
> Is this IE being so stupid as to run with a CWD of Desktop
> and effectively doing a system("notepad")?
>
> That'd explain explorer opening up folders called Notepad,
> and .exe files being run. Bet it also works on MS Word
> documents (without a .doc extension, probably), and any other
> magically executable file...
>
> Certainly cmd.exe as notepad on the desktop suggests the CWD
> is your Desktop (so presumably IE's CWD is also Desktop).
>
> Are there any other external apps IE is stupid enough to run
> without a full path prefix? That could be fun too! :-)
>

Thank god I run firefox !

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Previous message: Aditya Deshmukh: "RE: [Full-disclosure] Return of the Phrack High Council"
• In reply to: Marek Isalski: "Re: [Full-disclosure] Window's O/S"
• Next in thread: Cassidy Macfarlane: "RE: [Full-disclosure] Window's O/S"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]