PDA

View Full Version : Viruses



Unregistered
02-04-2005, 05:14 AM
Can someone tell me how viruses come about. I dont understand. For example, say on a chat room sum* advertises their email addy saying email them, i assume that if u do email them then you'll get a virus.
Basically my question is how do people send viruses through email because i have no idea? Thanks.

ABHIS
02-04-2005, 10:42 AM
Originally posted by Unregistered
Can someone tell me how viruses come about. I dont understand. For example, say on a chat room sum* advertises their email addy saying email them, i assume that if u do email them then you'll get a virus.
Basically my question is how do people send viruses through email because i have no idea? Thanks.

Any email file attchement (executable) with one of the following extension may contain a virus:
.com;.dot;.pot;.zip;.exe;.dll;.ocx;.sys;.cpl;.bat;.lnk;.pif;.cmd;.scr;.ini;.vbs;.vbe;.chm;.hta;.htm; .html;.js;.jse;.reg;.msi;.msp;.msc;.url;.dbx;.php; [ to name a few ;) ]

Any * of these extensions may contain codes to execute a task on your machine.

virus CANNOT be transmitted in graphic passive file format:
tif, jpg, bmp, gif, mpg, avi, vob, ra, qt, mov

viruses are most of the time linked to the email in the attachment file, UNLESS the email itself is in an html format.

This is how we proceed in our corporation: our OWN email server rejects systematically any email with the above mentionned extensions, irrelevant of their content!

Lesnix
02-15-2005, 01:03 PM
virus CANNOT be transmitted in graphic passive file format:
tif, jpg, bmp, gif, mpg, avi, vob, ra, qt, mov


lol... What about MS Windows vulnerability(http://www.securitylab.ru/47*46.html)
Exploit:
http://www.securitylab.ru/_Article_Images/2004/0*/jpeg.c.txt


Jpg viruses is real...

ABHIS
02-15-2005, 02:12 PM
Originally posted by Lesnix
lol... What about MS Windows vulnerability(http://www.securitylab.ru/47*46.html)
Exploit:
http://www.securitylab.ru/_Article_Images/2004/0*/jpeg.c.txt

Jpg viruses is real...
It seems that you missed an important part of the reading:
*. The title is <B>Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution</B> note the word "could".
2. Do you have any idea what is GDI+, sure you have.. Let's put it this way:
Those users that are still using Win*x and use internet explorer to vew .jpg photos, instead of using any other appropriate photo viewer, <B> could </B> face an unwanted code execution.
In case you don't know, the code execution CAN be initiated in MSIE but NOT in any other appropriate photo viewer.
*. The vulnerability is from MSIE not from the jpg format.

So, because you started with lol, and, before having a stomach cramp from laughing, read here (http://www.corion.net/cgi-bin/wiki.cgi/display/AllNodes) about files format so you will understand a little why passive files like tif, jpg, bmp, gif, mpg, avi, vob, ra, qt, mov CANNOT contain virus
cheers ;)

ABHIS
02-15-2005, 02:20 PM
Another extremely imortant point is:
Those .jpg files that trigger code execution in MSIE have a jpg extension BUT ARE NOT truely jpg files (they do not have the jpg file format internal scheme) They contain a malicious script mixed with some html code saved in a file with a .jpg extension.
They cannot be opened in a photo viewer but they trigger a code execution in MSInternetEplorer.

Unregistered
03-13-2005, 08:01 PM
I need someone to shut dopwn a pro***rd for me,. i will send u *0 U.S dollars. sorry, but i dont know how to hack, i tried using COMMAND PROMt like what one of my friends said to do. anyways here is the link to the site i need shut down.



http://hoggwartys.pro***rds*0.com/index.cgi just shut it down permamantly or put a bug on it.