MozTW 討論區 :: 檢視主題 - 疑似木馬語法火狐也能開？

chilly 寫:

可疑的網址↓

引言回覆:

http://www.xiamenwe.com/news/1.jpg

照說若是假的圖檔網址，火狐是顯示無法開這張圖
但我連結過去之後，火狐竟然顯示出一張還未開完的圖檔的小圖示
真是嚇壞人了
不知道是否意謂已經有應火狐而生的木馬語法？

http://www.xiamenwe.com/news/1.jpg/ <-- 沒哪麼嚴重啦...只是剛剛好這個資料夾的名字最後面是.jpg

2005-05-31 21:00:07.241 正在連線 www.xiamenwe.com:80
2005-05-31 21:00:07.241 正在連線 210.51.168.102:80
2005-05-31 21:00:07.257 已連線
2005-05-31 21:00:07.257 GET /news/1.jpg HTTP/1.1
2005-05-31 21:00:07.257 Host: www.xiamenwe.com
2005-05-31 21:00:07.257 Accept: */*
2005-05-31 21:00:07.257 User-Agent: Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)
2005-05-31 21:00:07.257 Connection: Keep-Alive
2005-05-31 21:00:07.397 HTTP/1.1 301 Moved Permanently
2005-05-31 21:00:07.397 Date: Tue, 31 May 2005 12:52:33 GMT
2005-05-31 21:00:07.397 Content-Type: text/html
2005-05-31 21:00:07.397 Connection: close
2005-05-31 21:00:07.397 X-Pad: work around browser bug
2005-05-31 21:00:07.397 Server: Microsoft-IIS/6.0
2005-05-31 21:00:07.397 X-Powered-By: ASP.NET
2005-05-31 21:00:07.397 Location: http://www.xiamenwe.com/news/1.jpg/
2005-05-31 21:00:07.397 Via: 1.1 netcache1 (NetCache NetApp/5.5R4D6)
2005-05-31 21:00:07.397 重新導向到 http://www.xiamenwe.com/news/1.jpg/
2005-05-31 21:00:07.397 正在連線 www.xiamenwe.com:80
2005-05-31 21:00:07.397 正在連線 210.51.168.102:80
2005-05-31 21:00:07.553 已連線
2005-05-31 21:00:07.553 GET /news/1.jpg/ HTTP/1.1
2005-05-31 21:00:07.553 Host: www.xiamenwe.com
2005-05-31 21:00:07.553 Accept: */*
2005-05-31 21:00:07.553 User-Agent: Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)
2005-05-31 21:00:07.553 Connection: Keep-Alive
2005-05-31 21:00:08.538 HTTP/1.1 200 OK
2005-05-31 21:00:08.538 Content-Length: 2983
2005-05-31 21:00:08.538 Content-Type: text/html
2005-05-31 21:00:08.538 Content-Location: http://www.xiamenwe.com/news/1.jpg/index.htm
2005-05-31 21:00:08.538 Last-Modified: Tue, 31 May 2005 05:30:52 GMT
2005-05-31 21:00:08.538 Accept-Ranges: bytes
2005-05-31 21:00:08.538 ETag: "39365e9a165c51:130ee"
2005-05-31 21:00:08.538 Server: Microsoft-IIS/6.0
2005-05-31 21:00:08.538 X-Powered-By: ASP.NET
2005-05-31 21:00:08.538 Date: Tue, 31 May 2005 13:00:07 GMT
2005-05-31 21:00:08.538 目的檔案已存在自動重新命名
2005-05-31 21:00:08.538 開始接收資料
2005-05-31 21:00:08.538 執行緒完成在 2983
2005-05-31 21:00:08.569 下載完成

發表人:	jayfromtaiwan [ 2005-05-31, 11:32 ]
文章主題 :
chilly 寫: 可疑的網址↓ 引言回覆: http://www.xiamenwe.com/news/1.jpg 照說若是假的圖檔網址，火狐是顯示無法開這張圖但我連結過去之後，火狐竟然顯示出一張還未開完的圖檔的小圖示真是嚇壞人了不知道是否意謂已經有應火狐而生的木馬語法？ http://www.xiamenwe.com/news/1.jpg/ <-- 沒哪麼嚴重啦...只是剛剛好這個資料夾的名字最後面是.jpg

發表人:	danielwang [ 2005-05-31, 13:34 ]
文章主題 :
過去有個自由軟體的圖片 library 有安全上面的 bug，而 Firefox/Mozilla 因為有用到它所以有受影響到（這個已經改善了）（不過令人匪夷所思的是 IE 也有完全一樣的 bug，是不是代表了微軟違反授權偷用自由軟體？）

發表人:	roytam1 [ 2005-05-31, 20:58 ]
文章主題 :
jayfromtaiwan 寫: chilly 寫: 可疑的網址↓ 引言回覆: http://www.xiamenwe.com/news/1.jpg 照說若是假的圖檔網址，火狐是顯示無法開這張圖但我連結過去之後，火狐竟然顯示出一張還未開完的圖檔的小圖示真是嚇壞人了不知道是否意謂已經有應火狐而生的木馬語法？ http://www.xiamenwe.com/news/1.jpg/ <-- 沒哪麼嚴重啦...只是剛剛好這個資料夾的名字最後面是.jpg 說對了這是用Net Transport下載的紀錄代碼: 2005-05-31 21:00:07.241 正在連線 www.xiamenwe.com:80 2005-05-31 21:00:07.241 正在連線 210.51.168.102:80 2005-05-31 21:00:07.257 已連線 2005-05-31 21:00:07.257 GET /news/1.jpg HTTP/1.1 2005-05-31 21:00:07.257 Host: www.xiamenwe.com 2005-05-31 21:00:07.257 Accept: / 2005-05-31 21:00:07.257 User-Agent: Mozilla/4.0 (compatible; MSIE 5.00; Windows 98) 2005-05-31 21:00:07.257 Connection: Keep-Alive 2005-05-31 21:00:07.397 HTTP/1.1 301 Moved Permanently 2005-05-31 21:00:07.397 Date: Tue, 31 May 2005 12:52:33 GMT 2005-05-31 21:00:07.397 Content-Type: text/html 2005-05-31 21:00:07.397 Connection: close 2005-05-31 21:00:07.397 X-Pad: work around browser bug 2005-05-31 21:00:07.397 Server: Microsoft-IIS/6.0 2005-05-31 21:00:07.397 X-Powered-By: ASP.NET 2005-05-31 21:00:07.397 Location: http://www.xiamenwe.com/news/1.jpg/ 2005-05-31 21:00:07.397 Via: 1.1 netcache1 (NetCache NetApp/5.5R4D6) 2005-05-31 21:00:07.397 重新導向到 http://www.xiamenwe.com/news/1.jpg/ 2005-05-31 21:00:07.397 正在連線 www.xiamenwe.com:80 2005-05-31 21:00:07.397 正在連線 210.51.168.102:80 2005-05-31 21:00:07.553 已連線 2005-05-31 21:00:07.553 GET /news/1.jpg/ HTTP/1.1 2005-05-31 21:00:07.553 Host: www.xiamenwe.com 2005-05-31 21:00:07.553 Accept: / 2005-05-31 21:00:07.553 User-Agent: Mozilla/4.0 (compatible; MSIE 5.00; Windows 98) 2005-05-31 21:00:07.553 Connection: Keep-Alive 2005-05-31 21:00:08.538 HTTP/1.1 200 OK 2005-05-31 21:00:08.538 Content-Length: 2983 2005-05-31 21:00:08.538 Content-Type: text/html 2005-05-31 21:00:08.538 Content-Location: http://www.xiamenwe.com/news/1.jpg/index.htm 2005-05-31 21:00:08.538 Last-Modified: Tue, 31 May 2005 05:30:52 GMT 2005-05-31 21:00:08.538 Accept-Ranges: bytes 2005-05-31 21:00:08.538 ETag: "39365e9a165c51:130ee" 2005-05-31 21:00:08.538 Server: Microsoft-IIS/6.0 2005-05-31 21:00:08.538 X-Powered-By: ASP.NET 2005-05-31 21:00:08.538 Date: Tue, 31 May 2005 13:00:07 GMT 2005-05-31 21:00:08.538 目的檔案已存在自動重新命名 2005-05-31 21:00:08.538 開始接收資料 2005-05-31 21:00:08.538 執行緒完成在 2983 2005-05-31 21:00:08.569 下載完成

發表人:	chilly [ 2005-06-01, 11:20 ]
文章主題 :
名為.jpg的資料夾，想不到只是這麼簡單的把戲... 不過現在要人分辨連結後會出現的檔是否為真圖檔就是看連結最後面的地方是.jpg還是.exe 如果該index內有木馬檔案不就無法從人家張貼的.jpg連結網址看出端倪了嗎？必須下載後才能判定是否有無風險哎......奇摩家族的警告公告也沒用處了~~偽圖檔太強了

MozTW 討論區 https://forum.moztw.org/

疑似木馬語法火狐也能開？ https://forum.moztw.org/viewtopic.php?f=2&t=8709	第 1 頁 (共 1 頁)

第 1 頁 (共 1 頁)	所有顯示的時間為 UTC + 8 小時
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/