[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] --trust-server-names
From: |
David H. Lipman |
Subject: |
Re: [Bug-wget] --trust-server-names |
Date: |
Sat, 14 Apr 2012 10:30:28 -0400 |
From: "Ángel González" <address@hidden>
> On 14/04/12 02:17, David H. Lipman wrote:
>> I eat PDF Exploit files for breakfast.
>
>>>>> And how about a server that calls its malware ".bashrc"?
>>>>>
>>>> Since it is a non standard named file, I will open it in FileInsight
>>>> and examine the binary. If I don't recognize its format, I'll run the
>>>> TrID plug-in and detrrmine its format. I will treat the file
>>>> accordingly.
>>> .bashrc is the name of a file executed automatically by bash(1) on
>>> startup if present in the home folder. As such, that can lead to code
>>> execution.
>>
>> Not on Windows.
> Unless you use eg. msys
>
> I was explaining the vulnerability. If you feel you're safe, you can go
> with the
> option. We assume you'll be careful enough not to shoot yourself in the
> foot.
>
And I apreciate that fact - Thanx!
--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp
- [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, Ángel González, 2012/04/12
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, Micah Cowan, 2012/04/12
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, Ángel González, 2012/04/13
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/13
- Re: [Bug-wget] --trust-server-names, Ángel González, 2012/04/14
- Re: [Bug-wget] --trust-server-names,
David H. Lipman <=