VBscript in Web pages
Matthew Carpenter
matt
Tue Oct 12 12:39:13 PDT 2004
Are you sure you want it to?
I just had Konqueror spit out a dialog to download (as a file) "index.html".
While I thought it strange, I downloaded it and opened it in KATE. What
I saw knocked my socks off.
It was indeed HTML, which included a VBScript. The VBScript had one
variable with Textual-Hex (i.e., the letters were AE453FC2) and one blank
variable. The script then processed the first variable two letters at a
time, converted them to the intended Hex by prepending the characters
with &h (I'm pulling from memory, so it might have been some other
characters) and dumping that new Hex-code onto the end of the second
variable. When done, the app wrote the new variable to a file, and
executed it. Basically that HTML file dumped some malware onto my
machine and executed it (or would have if I ran VBScript on Winlose),
all without downloading another file.
Nasty.
David Bandel wrote:
>Folks,
>
>Is there a library/program/special chicken's foot I need
>loaded/installed/waved in order to get Firefox to run a web page that
>contains VBscript (Veritable Bozo? Venerable Bullshit? Vacillating
>Bogons? Vader Baby? script).
>
>I know a "void main", perhaps this is a "void branch"?
>
>TIA,
>
>David A. Bandel
>
>
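
Added example, not part of the original post or thread: a Python triage check for saved HTML that flags the pattern described above, a long text-hex string literal inside a VBScript block. The 32-byte threshold, the `MZ` (Windows executable magic) check, all names and both sample pages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

MIN_PAIRS = 32  # assumed threshold: skips colours and short IDs such as "AE453FC2"
HEX_LITERAL = re.compile(r'"((?:[0-9A-Fa-f]{2}){%d,})"' % MIN_PAIRS)

class VBScriptBlocks(HTMLParser):
    """Collect the bodies of <script> elements declared as VBScript."""
    def __init__(self):
        super().__init__()
        self.in_vbs, self.blocks = False, []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            a = {k: (v or "").lower() for k, v in attrs}
            self.in_vbs = "vbscript" in a.get("language", "") + a.get("type", "")
            if self.in_vbs:
                self.blocks.append("")

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_vbs = False

    def handle_data(self, data):
        if self.in_vbs:
            self.blocks[-1] += data

def scan_html(html):
    """Return one finding per long hex string literal found in a VBScript block."""
    parser = VBScriptBlocks()
    parser.feed(html)
    parser.close()
    findings = []
    for body in parser.blocks:
        for m in HEX_LITERAL.finditer(body):
            raw = bytes.fromhex(m.group(1))
            findings.append({
                "hex_chars": len(m.group(1)),
                "starts_with_mz": raw[:2] == b"MZ",  # assumption: payload is a Windows executable
                "uses_amp_h": "&h" in body.lower(),  # conversion prefix the post recalls
            })
    return findings

# Constructed, inert samples: a zero-filled blob with no decode, write or run logic.
SUSPECT = ('<html><script language="VBScript">\nsrc = "4D5A' + "00" * 40 +
           '"\nout = ""\n\' "&h" decode loop omitted from this sample\n</script></html>')
BENIGN = '<script language="VBScript">c = "AE453FC2"</script>'

if __name__ == "__main__":
    print(scan_html(SUSPECT), scan_html(BENIGN))
```

The check only sees a blob held in a single quoted literal; one split across concatenated strings would need the pieces joined before matching.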