Regarding Leon's post that this only works in XP.. I'm on 2000 Professional using IE 5.5 sp2 with all patches installed and I got a command prompt. Weird thing is that I can't explain, maybe someone else can.. Is the header on the command prompt says c:\winnt\downloaded program files.. Even though the path at the prompt is to my desktop. When I cd to c:\winnt\downloaded program files directory and do a listing, cmd.exe shows up there. However when I browse through Explorer to that dir, I don't see the file. Just the normal java and active X controls. Oh, I also have McAfee VirusScan 4.5.1 SP1 with latest engine and DAT.
Cavell McDermott Domino Admin APW Ltd. - Texas Campus 214-343-1400 - Main 214-355-2022 - Direct 214-341-9950 - Fax http://www.apw.com "Dave Bujaucius" To: <[EMAIL PROTECTED]> <bujauciusd@gli cc: atech.com> Subject: RE: scary site 03/07/2002 02:05 PM If it makes anyone feel any better, I did get a message from Trend anti-virus, "Action: Clean Failed (Moved)" Of course that was on or about the time the Command Prompt appeared on my screen... Dave Bujaucius -----Original Message----- From: Premek Marek [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 1:15 PM To: leon Cc: [EMAIL PROTECTED] Subject: Re: scary site > http://www.liquidwd.freeserve.co.uk/ > Try it with a windows machine and IE with all patches. > Be afraid be very afraid. > FYI this is for all those people who are think that just having a > firewall is enough. > Guess what? > This works through packet filter, stateful inspection and proxy > servers. Guess what? nothing happened to me. IE 5.0, win 2000, no patches, all settings set to default. (had to reboot from linux to test it :)) MSIE says page loaded with errors .. C:/windows/system32/cmd.exe exists and is accessible. And why would you think that some packet filters and stateful inspection could stop it? Here you'd need content filter on some very high level to guess what this script could be doing. -- Premek Marek Unix systems administrator, Hosting CZ s.r.o. mailto:[EMAIL PROTECTED] tel: +420-602-386703
