1994-12-07 - ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?))
Header Data
From: roy@cybrspc.mn.org (Roy M. Silvernail)
To: cypherpunks@toad.com
Message Hash: df6554ff1b98772ce0921888596a1bc00a82208b416aa79361332829b18cfc5e
Message ID: <941207.163507.7y7.rusnews.w165w@cybrspc.mn.org>
Reply To: <199412070742.CAA21434@bb.hks.net>
UTC Datetime: 1994-12-07 23:21:50 UTC
Raw Date: Wed, 7 Dec 94 15:21:50 PST
Raw message
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Wed, 7 Dec 94 15:21:50 PST
To: cypherpunks@toad.com
Subject: ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?))
In-Reply-To: <199412070742.CAA21434@bb.hks.net>
Message-ID: <941207.163507.7y7.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
In list.cypherpunks, adam.philipp@ties.org writes:
> Although the concept of "text viruses" seems a bit far fetched to some
> people, there these lovely toys known as ANSI bombs. Essentially they work
> in a similar method to the some techniques used in the sendmail bug, but
> they are MS-DOS specific, they will use embedded ANSI codes to run programs
> as the files is viewed...
The MS-DOS ANSI bomb relies on the capability of redefining keystrokes
through the ANSI screen driver. Most all the DOS boxen I lay hands on
lose this capability quickly, when I install more capable ANSI drivers
that have this misfeature disabled. Fortunately, few people rely on
ANSI-based text viewers, so I'd hope that even the otherwise unprotected
machines have some immunity. (how many people use 'type filename'
anymore?)
I first learned of ANSI bombs back in the Cretacious period (1989), when
it briefly became popular to slip them into PKZIP 0.92 comment fields.
I even saw a couple in files I downloaded, because even then I had
removed the function from my screen driver. The attempted redefs would
show up as plain text.
> If anyone feels the need for proof I collected a few a while back, but
> really don't see the need to post them...heh heh.
[0;5;30;47mI wonder if anyone's mail readers are even succeptible? (he
said, grinning)
- --
Roy M. Silvernail [ ] roy@cybrspc.mn.org
PGP public key available by mail
echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org
These are, of course, my opinions (and my machines)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBLuY7wBvikii9febJAQFE7AP/RObKGqQ0Usi9SRyM3TA5doewB9E/VVKs
NOOGan6aPZrt0B0wGZRxvmYBDfSixc5LhmCvDBmSiQid3sxbtCZKAUdLqjic7N2F
6ypNktYtcaJgQ95DO9xqzPR42UxJN2GDLIuwX0/01Cu3x08tgu9R2FVoVgkvGMmF
YggtpKNrUWk=
=V3Nl
-----END PGP SIGNATURE-----
Thread
Return to December 1994
- Return to “adam.philipp@ties.org (Adam Philipp)”
- Return to ““Anthony Wm. Iannotti” <tony@secapl.com>”
- Return to “Ben <samman@CS.YALE.EDU>”
- Return to “kafka@desert.xs4all.nl (Patrick ‘3l33t’ Oonk)”
- Return to “Michael Conlen <meconlen@IntNet.net>”
- Return to “roy@cybrspc.mn.org (Roy M. Silvernail)”
Return to “rseymour@reed.edu (Robert Seymour)”
- 1994-12-07 (Tue, 6 Dec 94 23:37:21 PST) - Re: Good times virus (ANSI BOMB?) - adam.philipp@ties.org (Adam Philipp)
- 1994-12-07 (Wed, 7 Dec 94 15:21:50 PST) - ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?)) - roy@cybrspc.mn.org (Roy M. Silvernail)
- 1994-12-08 (Wed, 7 Dec 94 22:27:07 PST) - My apologies to the list (Re: ANSI Bombs are still a threat?) - roy@cybrspc.mn.org (Roy M. Silvernail)
- 1994-12-08 (Thu, 8 Dec 94 07:57:14 PST) - Re: My apologies to the list (Re: ANSI Bombs are still a threat?) - Michael Conlen <meconlen@IntNet.net>
- 1994-12-08 (Thu, 8 Dec 94 09:01:34 PST) - Re: My apologies to the list (Re: ANSI Bombs are still a threat?) - Ben <samman@CS.YALE.EDU>
- 1994-12-08 (Thu, 8 Dec 94 10:02:38 PST) - Fixing Flash/ANSI Bomb/Terminal Screwup - rseymour@reed.edu (Robert Seymour)
- 1994-12-10 (Sat, 10 Dec 94 10:12:53 PST) - Re: My apologies to the list (Re: ANSI Bombs are still a threat?) - kafka@desert.xs4all.nl (Patrick ‘3l33t’ Oonk)
- 1994-12-08 (Thu, 8 Dec 94 09:01:34 PST) - Re: My apologies to the list (Re: ANSI Bombs are still a threat?) - Ben <samman@CS.YALE.EDU>
- 1994-12-08 (Thu, 8 Dec 94 07:57:14 PST) - Re: My apologies to the list (Re: ANSI Bombs are still a threat?) - Michael Conlen <meconlen@IntNet.net>
- 1994-12-08 (Thu, 8 Dec 94 06:17:48 PST) - Re: ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?)) - “Anthony Wm. Iannotti” <tony@secapl.com>
- 1994-12-08 (Wed, 7 Dec 94 22:27:07 PST) - My apologies to the list (Re: ANSI Bombs are still a threat?) - roy@cybrspc.mn.org (Roy M. Silvernail)
- 1994-12-07 (Wed, 7 Dec 94 15:21:50 PST) - ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?)) - roy@cybrspc.mn.org (Roy M. Silvernail)