~ Essays ~
         to malware    essays
(Courtesy of fravia's advanced searching lore)

(`. Careful With That Axe Eugine! .)
by Finn61
published at searchlores in October 2001

Careful With That Axe Eugine!

Exploitable Standards

In the mad rush to jump on the file sharing band wagon many inexperienced (or just plain careless) users are sharing more than they may realise. With the promise of 'free stuff' just a few clicks away it's evident that some people are not paying enough attention to how they configure their file sharing clients.

I'm talking about choosing which directories you wish to share with the masses and, more importantly, what's in those directories. You wouldn't mind sharing your collection of mp3's but maybe not your 'My Documents' directory right? I wonder how many people have accidently shared a high level directory without understanding that they may be recursively sharing directories underneath?

Computer standards have been around for almost as long as computer users have been lazy. Standards are usually good. It's important that our modems can talk to each other for example. Standards can also be exploited. I've never seen your computer system but I bet there's a good chance you boot your Windows box off your C: drive right? It's standard to assign C: to your root drive. Most people don't even think about it.

Another standard we know of is that when MS Word saves a file, the filename defaults to the words on the first line of the document. If you just hit enter when you save that letter you've been writing your filename will be something like "Dear John.doc".

Next time you're file sharing do a quick search on "dear". I'm using Morpheous at the moment which lets me share (or should a say snare) documents as well as media and executable files. Interestingly I'm seeing quite a few "Dear Mom.doc" and "Dear Diary.doc" and "Dear Journal.doc". Even a few "To Whom It May Concern.doc". You get the picture, people's personal and private data laid open for anyone to pilfer. Why? Because when you have 521,000 users some of them are bound to be careless.

This virus that format's your C: and D: drive, it only works because it presumes you have these drives. It didn't do much to the person who boots off their M: drive. The person who keeps his documents in a different directory to "My Documents" and doesn't install everything to "Program Files". That virus couldn't mail out from his non-Outlook address list or even find a "windows" directory at all. Was this guy running Linux? Nah, he just deviated enough from the standards (which most virus writers exploit) to protect himself a little.

If you give a child an axe to play with, someone will get hurt. Careless people will find out how sharp those file sharing clients can be.

Finn61



Petit image
Back to Malware.htm

(c) 1952-2032: [fravia+], all rights reserved and reversed