file://
?
OK, I'll bite. Why are file:// URLs relevant to the discussion?
It allows arbitrary data to be passed to CMD.EXE, without first owning the
system.
___
Full-Disclosure - We believe in it.
Charter:
Aren't cross-zone urls disallowed by default, though?
Matt Flaschen
Peter Ferrie wrote:
file://
?
OK, I'll bite. Why are file:// URLs relevant to the discussion?
It allows arbitrary data to be passed to CMD.EXE, without first owning the
system.
On 10/23/06, Peter Ferrie [EMAIL PROTECTED] wrote:
file://
?
OK, I'll bite. Why are file:// URLs relevant to the discussion?
It allows arbitrary data to be passed to CMD.EXE, without first owning the
system.
You're telling me that a web page I view in IE can do this?
cmd.exe /K
Matthew Flaschen [EMAIL PROTECTED] to Peter, full-disclosure
Aren't cross-zone urls disallowed by default, though?
I agree with Matthew Brian. If cmd.exe can be run from a browser
using file:// irrespective of cross-zone security boundaries then
there are *much* other urgent things to be
