On 16 Apr 97 07:16am, Kurt Wismer wrote to Julian Yap:
-=>> Mocking Julian Yap to David Desrosiers <=-
KW>
DD>> Would it be possible to imbed some executable code into the
DD>> .ZIP comment that is in many .ZIP files that shows up before it's
DD>> unzip'd (not the ones that show up after). I have been able to imbed
DD>> ANSI as well as control characters (BELL, TAB, and so on) in mine, but
DD>> I wonder if I changed it to binary, if it would infect/load when the
DD>> file was unzip'd....
DD>> Ideas anyone?
JY>> Yes, this could work. It uses the same principles as an ansi bomb.
KW> no, it wouldn't work... ansi bombs work only because ansi.sys is loaded
KW> and intercepts the ansi codes... what is going to intercept the machine
KW> code comment and run it?
KW> comments are just piped to the standard output, regardless of what they
KW> are... printing executable code on the screen does not execute that
KW> code...
Exactly. The 'type' command simply places a file to the screen.
enter this command:
TYPE command.com
The file command.com is not executed, but you view it's contents. (Which will
cause a few beeps because of the BEL control code.)
This is what happens when you view the PKzip ascii comments. Kurt is correct
here.
BRANDON PILKINGTON
... Teacher said it was dain bramage...
* Evaluation copy of Silver Xpress. Day # 212
* Silver Xpress V4.01
--- PCBoard (R) v15.3/M 5
(1:275/178)
---------------
* Origin: FidoNet: Merlin's Workshop BBS 757-485-0787/7410 Ches.VA
|