help:// protocol in Windows XP Prof

From: Bartosz Kwitkowski (bartosz_at_wb.pl)
Date: 07/06/04

Next message: NETKOJI: "Re: help:// protocol in Windows XP Prof"

Previous message: bil_912: "status-bar SHATTER attack"
Next in thread: NETKOJI: "Re: help:// protocol in Windows XP Prof"
Reply: NETKOJI: "Re: help:// protocol in Windows XP Prof"
Reply: Derek Kwan: "Re: help:// protocol in Windows XP Prof"
Reply: Jordan Cole (stilist): "Re: help:// protocol in Windows XP Prof"
Maybe reply: Bartosz Kwitkowski: "Re: help:// protocol in Windows XP Prof"
Maybe reply: Weltha, Nick [ADM]: "RE: help:// protocol in Windows XP Prof"
Maybe reply: Calderon, Juan Carlos (GE Commercial Finance, NonGE): "RE: help:// protocol in Windows XP Prof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 6 Jul 2004 09:36:16 -0000
To: vuln-dev@securityfocus.com

('binary' encoding is not supported, stored as-is)

There is funny thing in Internet Explorer 6.0 - Windows XP Professional (fully patched).

When you are writing address in IE you can replace http:// by help://

example:

http://wb.pl/bartosz = help://wb.pl/bartosz

and than hit <ENTER>... Page will open...

other...

help://www.securityfocus.com - looks funny, isn't? :-)

when IE opens page changes help:// to http://

BUT, BUT,

when you are create hyperlink check

it won't work - IE says syntax error...

I'm trying to exploit this...

Best regards,
Bartosz Kwitkowski

Next message: NETKOJI: "Re: help:// protocol in Windows XP Prof"

Previous message: bil_912: "status-bar SHATTER attack"
Next in thread: NETKOJI: "Re: help:// protocol in Windows XP Prof"
Reply: NETKOJI: "Re: help:// protocol in Windows XP Prof"
Reply: Derek Kwan: "Re: help:// protocol in Windows XP Prof"
Reply: Jordan Cole (stilist): "Re: help:// protocol in Windows XP Prof"
Maybe reply: Bartosz Kwitkowski: "Re: help:// protocol in Windows XP Prof"
Maybe reply: Weltha, Nick [ADM]: "RE: help:// protocol in Windows XP Prof"
Maybe reply: Calderon, Juan Carlos (GE Commercial Finance, NonGE): "RE: help:// protocol in Windows XP Prof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: unwanted sql and conversion popups in mergefile
... (i.e. encoding" that you want Windows to assume if you don't specify ... Set oDoc = Documents.Open("the path name of the file you need to ... box still opens every time. ... This particular Word doc extracts data from a delimited file created ...
(microsoft.public.word.mailmerge.fields)
Re: who to use fwrite to write through a hidden file
... It opens a file, and NEGLECTS TO SEE IF THE OPEN WORKED! ... You have no reason to assume this could work. ... Let me put it this way: I would not consider writing such a piece of code. ... how can you be trusted to modify something as critical as ...
(microsoft.public.vc.mfc)
Re: unwanted sql and conversion popups in mergefile
... Registry edit solution as found at bottom of page under "More Information" ... (i.e. encoding" that you want Windows to assume if you don't specify ... Set oDoc = Documents.Open("the path name of the file you need to ... still opens every time. ...
(microsoft.public.word.mailmerge.fields)
Re: Form linked to table but will not add data to table
... (a hidden orderID field set ... > Entry only so it always opens with blank fields for the user to fill ... > Once you have entered these three bits of info you hit continue. ... > stopped working, ...
(microsoft.public.access.forms)
Re: Using Old Word Documents
... fonts & the encoding probably won't help either. ... I did change the font and the preferences but have to admit I don't ... the document opens but then all I have is those nice little black ...
(microsoft.public.mac.office.word)