[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?))
-----BEGIN PGP SIGNED MESSAGE-----
In list.cypherpunks, [email protected] writes:
> Although the concept of "text viruses" seems a bit far fetched to some
> people, there these lovely toys known as ANSI bombs. Essentially they work
> in a similar method to the some techniques used in the sendmail bug, but
> they are MS-DOS specific, they will use embedded ANSI codes to run programs
> as the files is viewed...
The MS-DOS ANSI bomb relies on the capability of redefining keystrokes
through the ANSI screen driver. Most all the DOS boxen I lay hands on
lose this capability quickly, when I install more capable ANSI drivers
that have this misfeature disabled. Fortunately, few people rely on
ANSI-based text viewers, so I'd hope that even the otherwise unprotected
machines have some immunity. (how many people use 'type filename'
anymore?)
I first learned of ANSI bombs back in the Cretacious period (1989), when
it briefly became popular to slip them into PKZIP 0.92 comment fields.
I even saw a couple in files I downloaded, because even then I had
removed the function from my screen driver. The attempted redefs would
show up as plain text.
> If anyone feels the need for proof I collected a few a while back, but
> really don't see the need to post them...heh heh.
[0;5;30;47mI wonder if anyone's mail readers are even succeptible? (he
said, grinning)
- --
Roy M. Silvernail [ ] [email protected]
PGP public key available by mail
echo /get /pub/pubkey.asc | mail [email protected]
These are, of course, my opinions (and my machines)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBLuY7wBvikii9febJAQFE7AP/RObKGqQ0Usi9SRyM3TA5doewB9E/VVKs
NOOGan6aPZrt0B0wGZRxvmYBDfSixc5LhmCvDBmSiQid3sxbtCZKAUdLqjic7N2F
6ypNktYtcaJgQ95DO9xqzPR42UxJN2GDLIuwX0/01Cu3x08tgu9R2FVoVgkvGMmF
YggtpKNrUWk=
=V3Nl
-----END PGP SIGNATURE-----