|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Brian Cervenka (focus-ms
zerobelow.org)Date: Wed Dec 12 2001 - 15:23:00 CST
Well, on a similar note, that type of thing can be done in older versions
of outlook:
Pine gives me a line where I can select a file name:
Attchmnt: 1. /home/blah/test.bat (22 B) "test.txt"
If I send this to an outlook client, the client refers to the file as
test.txt everywhere (clicking the paperclip, to open it, and such)...but,
when I click "Open this" it will actually run the batch file.
The headers when they show up at oulook are:
--1363184398-182022148-1008191960=:7769
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="test.bat"
Content-Transfer-Encoding: BASE64
Content-Description: test.txt
Content-Disposition: attachment; filename="test.bat"
Now, on a fully patched version of outlook, I can no longer open the
attachment, but instead get the message:
Outlook blocked access to the following potentially unsafe attachments:
test.txt
(And this also works on .exe files, etc too)
--brian
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]