RE: www.security7.ch.vu
From: Mark Kovacic (Mark.Kovacic@barrsystems.com)Date: 03/01/02
- Previous message: William Laubernds: "Re: College advice"
- Maybe in reply to: LS: "www.security7.ch.vu"
- Next in thread: Duane Beck: "Re: www.security7.ch.vu"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 1 Mar 2002 12:41:01 -0500 From: "Mark Kovacic" <Mark.Kovacic@barrsystems.com> To: <lordsoth8@bigfoot.com>, <security-basics@securityfocus.com>
I took a look at what they are doing.
Sneaky, a server side script to access your hard drive from the web
browser (i.e. locally)
They are just setting a client side scripting item to look at your local
drive from your machine.
Mark Kovacic, Systems Programmer
Barr Systems, Inc. www.barrsystems.com
352-491-3100 Mark.Kovacic@barrsystems.com
-----Original Message-----
From: LS [mailto:hydrax@netvision.net.il]
Sent: Wednesday, February 27, 2002 6:46 PM
To: security-basics@securityfocus.com
Subject: www.security7.ch.vu
Hi all,
I was sent the following address:
When entering, it claims that you are exposed and tracked and a lot of
information
is stored on your computer (doh..altho i dont keep names on it etc..).
What caught my attention is that the show you the contents of your root
directory
(c:\ for a windows machine...).
What's alarming is that I don't see how this thing could've been done. I
dont allow
any shares, I dont allow any services, and unless it is an IE exploit of
some sort,
there is no other way to explain it. My firewall (TPF) handles all the
microsoft
network issues and only internal LAN can even see my nbt name etc...
this is weird.
Anybody know how this is done ?
Regards,
Eli
- Previous message: William Laubernds: "Re: College advice"
- Maybe in reply to: LS: "www.security7.ch.vu"
- Next in thread: Duane Beck: "Re: www.security7.ch.vu"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
