[Full-Disclosure] Re: Full-Disclosure digest, Vol 1 #1933 - 20
bkfsec at sdf.lonestar.org
Tue Sep 28 20:01:27 BST 2004
>>>far-fetched. Would it be possible to create a jpeg that would copy
>itself to other drives on a shared network in an auto-executable
>position? I suppose so... however, it would be noisy and probably
>wouldn't be amazingly successful.<<
>Picture a company full of users and a worm that copies the jpg file to
>\\machinename\c$\Documents and Settings\All Users\Desktop
>you think it might get a few clicks, especially if it had a harmless yet
>tempting name like saturn.jpg
I could think of even worse places to put it.
Of course, some companies would fall victim to this, but in an even
remotely secured network domain, you'd probably have to compromise a
domain admin's system and try to spread on shares via that login.
p.s. By making the inherent assumption here that admins would be less
likely to get infected with this than average users and that the average
network is even remotely secured, I'm probably (definitely?) giving
corporate networks more slack than they deserve. Referring to this
attack vector as "wouldn't be amazingly successful" is probably wildly
optimistic on my part.
Full-Disclosure is hosted and sponsored by Secunia.