[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] --trust-server-names

From: David H. Lipman
Subject: Re: [Bug-wget] --trust-server-names
Date: Sat, 14 Apr 2012 10:30:28 -0400

From: "Ángel González" <address@hidden>

> On 14/04/12 02:17, David H. Lipman wrote:
>> I eat PDF Exploit files for breakfast.
>>>>> And how about a server that calls its malware ".bashrc"?
>>>> Since it is a non standard named file, I will open it in FileInsight
>>>> and examine the binary.  If I don't recognize its format, I'll run the
>>>> TrID plug-in and detrrmine its format.  I will treat the file
>>>> accordingly.
>>> .bashrc is the name of a file executed automatically by bash(1) on
>>> startup if present in the home folder. As such, that can lead to code
>>> execution.
>> Not on Windows.
> Unless you use eg. msys
> I was explaining the vulnerability. If you feel you're safe, you can go
> with the
> option. We assume you'll be careful enough not to shoot yourself in the
> foot.

And I apreciate that fact - Thanx!

Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk

reply via email to

[Prev in Thread] Current Thread [Next in Thread]