Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Posted: 6/22/2003 12:19:03 PM EDT
[url]http://home.1asphost.com/sousy2050/jeeper.jpg[/url]
Link Posted: 6/22/2003 12:22:40 PM EDT
How tha....... CHRIS
Link Posted: 6/22/2003 12:26:04 PM EDT
Uh, didn't work for me.
Link Posted: 6/22/2003 12:26:48 PM EDT
It's a link to a web page that contains a cgi script that operates a shell command to open your cd drive. The command is: c:\eject (I *think* that's it) as long as you have activex controls enabled, people can do all kinds of silly stuff to your box.
Link Posted: 6/22/2003 12:27:39 PM EDT
[Last Edit: 6/22/2003 12:28:47 PM EDT by fizassist]
The image “http://home.1asphost.com/sousy2050/jeeper.jpg” cannot be displayed, because it contains errors.
View Quote
Yep, very interesting.... Edited to add: [b]this[/b] is why I browse with Mozilla. [;)]
Link Posted: 6/22/2003 12:28:03 PM EDT
Link Posted: 6/22/2003 12:29:49 PM EDT
Yep, very interesting.... since my tower sits inside of my comp desk and the door prevented the drive to open and it stripped out my drive!
Link Posted: 6/22/2003 12:49:57 PM EDT
[Last Edit: 6/22/2003 12:52:33 PM EDT by Airwolf]
Ah. I was wondering why nothing came up but the image properties showed 304 bytes. I LOVE Opera. There are so many exploits for IE out there. I gave it up when Opera 6 came out and have never looked back. Save the "image", change the extention to .txt and open it in notepad and you get this: -START Of Script Attempt-
language=VBScript> <-END Of Script Attempt-
> Very funny [BD]
Link Posted: 6/22/2003 12:58:09 PM EDT
cool!
Link Posted: 6/22/2003 12:59:35 PM EDT
That scared me for a minute...thought the CPU was f'ing up. Thats cool.
Link Posted: 6/22/2003 1:10:42 PM EDT
Originally Posted By Fenian: It's a link to a web page that contains a cgi script that operates a shell command to open your cd drive. The command is: c:\eject (I *think* that's it) as long as you have activex controls enabled, people can do all kinds of silly stuff to your box.
View Quote
so could you make it run any .exe file on your machine? i.e. format, or something like delete c:\all_my_importnat_papers\*.*
Link Posted: 6/22/2003 2:23:43 PM EDT
Activex controls are a security risk. You should be disabling them in IE. [img]http://photos.ar15.com/WS_Content/ImageGallery/Attachments/DownloadAttach.asp?sAccountUnq=739&iGalleryUnq=711&iImageUnq=13968[/img]
Link Posted: 6/22/2003 2:34:29 PM EDT
WTF!!! That was some trippy s**t! Hey, how do I disable ACTIVEX? And how can I safeguard from other stuff like this?? Wow, that was crazy!
Link Posted: 6/22/2003 2:35:00 PM EDT
Yep. That ActiveX thing killed it. CHRIS
Link Posted: 6/22/2003 2:49:29 PM EDT
I guess it doesn't work in Nutscrape?
Link Posted: 6/22/2003 3:10:44 PM EDT
Kar98 needs to get a life. ....stupid childish behavior.
Link Posted: 6/22/2003 3:14:59 PM EDT
Originally Posted By Airwolf: Ah. I was wondering why nothing came up but the image properties showed 304 bytes. I LOVE Opera. There are so many exploits for IE out there. I gave it up when Opera 6 came out and have never looked back. Save the "image", change the extention to .txt and open it in notepad and you get this: -START Of Script Attempt-
language=VBScript> <-END Of Script Attempt-
> Very funny [BD]
View Quote
A fellow Opera user.[8D]
Link Posted: 6/22/2003 3:18:32 PM EDT
You know what, that's B.S. You do not post stuff like that that screws with other members computers without warning or without the permission of mods (and I doubt seriously they'ed give it.) That post needs to be locked and deleted post haste...who's mod'ing in here today.
Link Posted: 6/22/2003 3:23:47 PM EDT
Originally Posted By Fearandloathing37: You know what, that's B.S. You do not post stuff like that that screws with other members computers without warning or without the permission of mods (and I doubt seriously they'ed give it.) That post needs to be locked and deleted post haste...who's mod'ing in here today.
View Quote
Are you fucking kidding? He just taught you and me a serious lesson, and you are screaming for a lock? Regroup dude.
Link Posted: 6/22/2003 3:27:00 PM EDT
[Last Edit: 6/22/2003 3:32:04 PM EDT by Kar98]
This was a harmless, yet startling script. Yep, I fell for it, too, and learned my lesson. Just thought I'd share. I've now disabled everything that says ActiveX. (In Internet Explorer, go to Tools, Internet Options, Security, Custom Level and poke around there.) Edited to add: _Now_ it's safe to go back to that link above, and nothing will happen.
Link Posted: 6/22/2003 3:29:35 PM EDT
You should see the one that makes millions of pop up ads.
Link Posted: 6/22/2003 3:32:40 PM EDT
[Last Edit: 6/22/2003 3:35:09 PM EDT by Airwolf]
AZ-K9 just beat me to it. There are so many ways that IE with default settings can be exploited it's not funny. I'm sure some of you have gotten a real wake up call that what looks like something harmless can be a major security risk to your system. Even if your system prompts with a warning too many people just click "OK" without really understanding what they just allowed. (I just checked the link on a default install of IE under XP Pro... It opened both my drive bays without a prompt or warning) There are plenty of browsers to use other than IE. I for one use Opera. Mozilla is good and for those that need something sleek and trim try the Firebird beta (formally Phonenix). I keep IE only for doing Windows Update and the occasional site that just won't work on anything but IE. In my opinion PHB's that force web developers to do that should be taken out and shot in public as an example to others.
Link Posted: 6/22/2003 3:50:13 PM EDT
[Last Edit: 6/22/2003 3:52:26 PM EDT by Fearandloathing37]
I'm aware of the whole active X thing...I'm also aware that just about every hacker that ever lived has used the lame defense of " I was just doing it to show you the faults in your system" as an excuse for iresponible actions that could possibly harm the computers of other members of this board, without said members permission, Was I wrong in reading that one of the members of this board had his CD rom burned out by this stupid trick...huh....is Kar98 going to buy him a new CD-ROM...huh At best this is a violation of forum ettiquette, at worst its a gross violation on AR15.com rules and Kar98 should be kicked off the board until such time as he buys that guy a new CD-ROM and pays for any other damage claims of any other member. As I've said before this litte stunt on Kar98's part, should be called to the attention of mods or sight management.
Link Posted: 6/22/2003 4:08:17 PM EDT
Thats pretty scarry to know that just by visiting a web site, it can send a script into your pc without your knowledge. Imagine what a real wise guy with too much time could do...
Link Posted: 6/22/2003 4:20:18 PM EDT
You be surprise at how little it did to a Powerbook with a slot loading drive... talk about double-safe. [:)]
Link Posted: 6/22/2003 4:30:09 PM EDT
Thanks for the quick security lesson Kar98. Now the next lesson. Just what is ActiveX used for?
Link Posted: 6/22/2003 4:44:10 PM EDT
no workie for me..? wth win2k IE6
Link Posted: 6/22/2003 4:46:58 PM EDT
That would have been funny if my case did not have a door on the front... No damage but it sure popped and ground for a second!
Link Posted: 6/22/2003 5:58:34 PM EDT
Well I sure am glad someone does this every damn week.
Link Posted: 6/22/2003 6:46:09 PM EDT
Cry Babies!!
Link Posted: 6/22/2003 6:55:53 PM EDT
Dumb.
Top Top