From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 7 Feb 1998 10:03:21 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Lets check this out
In-Reply-To: <34DBA006.46743131@tfs.net>
Message-ID: <199802070148.CAA26783@basement.replay.com>
MIME-Version: 1.0
Content-Type: text/plain



sphantom wrote:

> If someone named SandMan asks you to check out his page on the WEB
> 
> DO NOT!!!
> 
> It is at www.geocities.com/vienna/6318
> 
> This page hacks into your C:/ drive.  DO NOT GO THERE


All I see there is a few midi files and some badly-written HTML.
Nothing there to hack into my C:/ drive.  I don't even have a C: drive.
If you were running a more secure operating system, you wouldn't either.


> I am curious how this person does it.
> 

You obviously haven't been reading this list very long.  There are lots
of way to do nasty things to microslob windoze, including: Buffer overruns
in IE, javascript bugs in web browsers, launching applications thru
mime-types, SMB bugs (oob-attack, cd ..\, and others), macro (and other)
viruses, buffer overruns in the tcp stack (oversized pings, etc), as well
as the near infinite number of possible active-x exploits.