|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs
From: Knud Erik Højgaard (kain
EGOTRIP.DK)Date: Fri Apr 14 2000 - 21:49:37 CDT
- Next message: Pavel Kankovsky: "Re: regarding phrack49's stack smashing tutorial"
- Previous message: Tom: "Re: Please do NOT send examples of too long filenames (etc)"
- Next in thread: Daniel P. Zepeda: "Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs"
- Next in thread: Sean A. Walberg: "Re: Sendmail vs *.vbs"
- Maybe reply: Knud Erik Højgaard: "Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
more than 3(three) exclamation marks is a sign of insanity.
so is lousy english.
removing wscript and cscript links is not a solution. nor is open source.
the whole purpose(IMHO) with these languages is being able to do anything.
open source on this will improve nothing. its like exchanging a command.com
with an 'improved' one, where users cant type del and mkdir etc.
...uuuh..how would you run a server checking all the attachments being sent
? just search for 'malicious' strings ? people made computers. people will
always find a loophole. the things you suggest are impossible. imagine
searching for certain strings in all attachments..uiie..maybe on your 5
user network it would work...AFAIK the place i work have about 900
people...mailing _all_ the time..what kind of server would you use ? or
would you disallow all attachments ? nice solution... search for certain
strings in certain filetypes. untill someone discovers a new neat trick.
..where in windows is the its:// protocol(chm(compiled html) - for reading
help files etc) described? nowhere. how many more of these 'secret' things
are around? noone knows. so your solution is crap.
thats all...
beer rocks. sun sucks!
Knud Erik Højgaard
l33t h3lpd3sk 4$$munch
At 14:26 11-05-00 -0600, you wrote:
> I have users that are not willing to remove their wscript and cscript
>links. :-(
>
>I would like to see any time a *.vbs try to run a pgp checksum is sent to
>a PKI or LDAP server to be authenticated. Any program that fails will be
>send to the sysadmin. This should be easy because most users do not write
>there own vb scripts.
>
>I can see two or three ways of doing this.
>
>1.) Simple rename wscript.exe to wscript.obj
> The write a program to be wscript.exe replacement that sends for
>authentication. The send the ole to the wscript.obj.
>
>2.) Has MS open up the source code to wscript and cscript so we can
>rewrite are own.
>
>3.) If MS add this themselves. <--- I do not thing this will happen
>because they said it's not our problem, NOT A BUG it is a feature.
>
> I also would like this to be expandable to all binary!!!!! If we are
>going to stop all virus and worms this is the best way I can think or.
>
>
>
>Enjoy,
>
>Richard Rager
>
- Next message: Pavel Kankovsky: "Re: regarding phrack49's stack smashing tutorial"
- Previous message: Tom: "Re: Please do NOT send examples of too long filenames (etc)"
- Next in thread: Daniel P. Zepeda: "Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs"
- Next in thread: Sean A. Walberg: "Re: Sendmail vs *.vbs"
- Maybe reply: Knud Erik Højgaard: "Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]