suryad Posted November 29, 2005

http://www.computerterrorism.com/research/ie/poc.htm

Use IE and FF to try it. Here is a link to the Proof of Concept [computerterrorism.com] page, which will launch an instance of calc.exe if you're vulnerable. I found out I am vulnerable... A lot of people disagree with my assessment of MS's security issues..... but this proves my point once and for all. There are lots and lots of holes and known holes at that in the OS. Shouldn't MS be taking a better stance on security? Let's hope Vista is not prey to this attack!! On that note if anyone has Vista it would be great if you could give it a whirl. X64 users also please attempt and post your results.

I didn't know where else to put this post so I put it in this forum. Give it a whirl people!

Synapse Posted November 29, 2005

Windows XP Home SP1 (all updates up to service pack 2)
Internet Explorer: Opened Calc in a matter of seconds.
Firefox 1.0.7: Displayed a box with a bunch of question marks in it.. pretty much just slowed down my browser.

Jeremy Posted November 29, 2005

I tried it in Opera v8.51 and it opened a small empty window with "CT" in the title.

Edited November 29, 2005 by Jeremy

Zxian Posted November 29, 2005

Like Jeremy, here in Opera, it opened a window called CT... and then Trend Micro went nuts. In IE, the page wouldn't even load, since Trend Micro caught something nasty. (a .jar file - understandable that it's Javascript)

The page loads in Firefox, and when I go to run it... a second Window appears and then Firefox freezes.

cluberti Posted November 29, 2005

XP SP2 fully patched - Internet Explorer crashed when running the code, but no calculator. Also, Trend A/V went nuts (which likely is what caused IE to crash).

I know we like to knock Microsoft about security vulnerabilities, but Windows (and thus, IE) is a quite complex basket of code. I think it's a little disingenuous when a security firm finds an exploit, and rather than let the vendor know beforehand post the exploit to the wild. Instead of contacting Microsoft and giving them time to fix the exploit, let's make everyone unsafe by releasing the exploit to all of the script kiddies of the world. Yes, IE is vulnerable - but are we less or more safe now that this "security firm" released the exploit code to the wild before letting the vendor know of the problem?

Solid as a rock Posted November 29, 2005

I have given it a try too with Opera 8.51 and XP SP2 with all hotfixes. Kaspersky immediately pops up with a warning and question to remove it or keep it. Nothing happened further.

Edit: tried with IE6 and the same popup from Kaspersky too. I don't use FF so I can't test that but I believe Kaspersky defends it too..

Edited November 29, 2005 by SolidasRock

net_user Posted November 29, 2005

XP SP2 fully patched
McAfee 8.oi
Firefox nothing.... locks up/crashed
IE... no calculator..... see pic

Edited November 29, 2005 by net_user

Phyridean Posted November 29, 2005

WinXP SP2, all hotfixes
Windows OneCare
Maxthon browser

I had no problem, except a script prompt that needed clicked five times (both "ok" and "cancel" tried)
No calc.exe
And my browser continued working after I closed the script prompt.

Daemonforce Posted November 30, 2005

Windows XP MCE 2005 no hotfixes. I clicked OK on the prompt a few times and when I decided to move it around on the screen, BAM! IE crash.

*clicks don't send*

Ok now Dr. Watson crashed and sat in the background along with IE until I decided to kill it.

o_O

Edited November 30, 2005 by Daemonforce

mark Posted November 30, 2005

That was fun. XP Pro SP2, hotfixes, nlited, no AV, ZoneAlarm, FF. Kablam! Locked FF up nice and tight. Two things I noticed when I went to the site: (1) My monitor flickered when I went to the site, (2) a Firefox 'about:' window had also opened with nothing in it after clicking the appropriate link.

DL

EchoNoise Posted November 30, 2005

Nothing happened to me... Fedora Core

Hey.. somebody had to test it... hahaha

Phyridean Posted November 30, 2005

I tried the same thing as in my last post in this topic, except using iexplore.exe instead of maxthon.exe. Same result, except IE crashed afterwards.

Zxian Posted November 30, 2005

> Nothing happened to me... Fedora Core
> Hey.. somebody had to test it... hahaha

lmao... Cheeky jerk...

Solid as a rock Posted November 30, 2005

> I have given it a try too with Opera 8.51 and XP SP2 with all hotfixes. Kaspersky immediately pops up with a warning and question to remove it or keep it. Nothing happened further.
> Edit: tried with IE6 and the same popup from Kaspersky too. I don't use FF so I can't test that but I believe Kaspersky defends it too..

I have tried the test again with Kaspersky disabled, Opera 8.51 still does nothing. IE6 freezes up and nothing more...