dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
3877

dvd536
as Mr. Pink as they come
Premium Member
join:2001-04-27
Phoenix, AZ

dvd536

Premium Member

Working WMF test site

Are there any working[safe] WMF test sites that people can test the patches with? the GRC one that linked to has the patch but the blog/test isnt there.

ZOverLord
Premium Member
join:2003-10-20
Minneapolis, MN

3 edits

ZOverLord

Premium Member

Yes, I have created the most current version of test files for this exploit 1.17 ("Which was changed Today") from 1.16 both on-line and in zip files, also I have created test files from the last 2 prior releases ("1.16 and 1.14") as well in zip files, more information here:

»Windows MetaFiles still vulnerable
mysec
Premium Member
join:2005-11-29

mysec to dvd536

Premium Member

to dvd536
I downloaded a wmf file that was posted for testing a few days ago - it's the one that runs calc.exe.

I've put it on my site in a page using iframe
iframe src="test.wmf" style=""> iframe>
_______________________________________

wfmtest


SpannerITWks
Premium Member
join:2005-04-22

SpannerITWks

Premium Member

Hi my,

I've included this as it displays a different result to all the previous peoples tests i've done over the past few days.



When i close the page i get roundabout a 100mS flash of this -



I had to save the page to disk to actually be able to view it properly in able to take the screeny. The interesting thing about this test is the box in the upper left hand side. What was supposed to be in there that my system wouldn't allow me to see ?

AntiVir still kicked in as above, when opening the saved page.

Spanner

jbob
Reach Out and Touch Someone
Premium Member
join:2004-04-26
Little Rock, AR
·Comcast XFINITY
Asus GT-AX6000
Asus RT-AC66U B1

jbob to dvd536

Premium Member

to dvd536
Click for full size
I tried it and first got the Open dialog in Fx which defaulted to Open wmffile. I chose to save to disk and then got the second error gui box "could not be saved....". After that then my AV popped up it's thing. I also get that box in the upper left hand screen.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian to dvd536

Premium Member

to dvd536
Click for full size
All good here, KAV gets it before i get chance to open it.
mysec
Premium Member
join:2005-11-29

2 edits

mysec to SpannerITWks

Premium Member

to SpannerITWks
said by SpannerITWks:

The interesting thing about this test is the box in the upper left hand side. What was supposed to be in there that my system wouldn't allow me to see ?
That is the iframe.

On the hacked sites the iframe tag includes "display=none"

I let it display so you can see. Since there is nothing legitimate to display, the frame is blank, or displays "page not found" or something like that.

edit: clarify iframe


SpannerITWks
Premium Member
join:2005-04-22

SpannerITWks

Premium Member

Hi my,

Thanx 4 the clarification.

Good 2 go !

Spanner