Re: Hidden Folders

From: Felix Domke (tmbinc@gmx.net)
Date: 09/12/01


Message-ID: <00b801c13bc6$cbf3cb00$4b00000a@elite.org>
From: "Felix Domke" <tmbinc@gmx.net>
To: <vuln-dev@securityfocus.com>
Subject: Re: Hidden Folders
Date: Wed, 12 Sep 2001 22:09:14 +0200

To the "hidden file" discussion:

There is a HUGE difference between physically hidden files (dos-attributes)
and the "desktop.ini"
the latter only "works" for explorer.

mine looks like this: (%windir%\fonts\desktop.ini)

[.ShellClassInfo]
UICLSID={BD84B380-8CA2-1069-AB1D-08000948F534}

this uid resolves to a "fontext.dll"-entry, with a special default icon and
a different text.

I remember of a Win NT4 servicepack which got accidental a
"Fonts"-desktop.ini, which disabled browsing through that directory using
the explorer.
you can have more fun with the desktop.ini by using backgrounds, crashing
icons as default icon (i got such an icon which immediately crashes the
explorer), and off course these uids. you can build a trash, a control panel
and much much more - but nothing really usefull for exploiting. (anyone more
familar with this topic?)

bye,
felix domke