TIP: Click on subject to list as thread! ANSI
echo: aust_avtech
to: Jasen Betts
from: Bob Lawrence
date: 2004-04-12 03:32:04
subject: Locking Windows

JB> It seems the cookie files are engineered so that they don't
JB> start with "MZ" Anyway stick a .EXE filename extension on
JB> aything and the system will try to run it, as a .COM format
JB> file (raw binary) if it doesn't start with "MZ" but unless
JB> something starts renaming the files or makes a special effort
JB> cookies won't run.

 Are you saying it's not possible to send a cookie without the
header (or lack of)? How hard would itbe to write a script that
remanes the first two bytes of a file?

BL> I said "cookies and other crap" or words to that effect. I know
BL> cookies don't run, but they do have access to the system and
BL> are loaded anywhere the cookie-sender chooses to put them.

JB> anywhere???

 Aren't they under the control of the sender?  

 BTW, there is another thing that worries the shit out of me... the
Registry. It's a plain text file, but if you enter stuff in there, it
can make the computer do almost anything.

BL> I don't think *you* understand, Rod. What is the difference
BL> between a self extracting ZIP file and an EXE file? From
BL> memory, six bits in the header. Not a lot of protection... is
BL> it?

JB> a self-extracting zip file is an EXE.

 As I said... 6 bits in the header. The only thing that distinguishes
text from an executable is the header.

Regards,
Bob





--- BQWK Alpha 0.5
* Origin: Precision Nonsense, Sydney (3:712/610.12)
SEEN-BY: 633/104 260 262 267 270 285 640/296 305 384 531 954 1042 690/734
SEEN-BY: 712/610 848 774/605 800/221 445
@PATH: 712/610 640/531 954 633/260 267

SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.