Valid HTML 4.01 Transitional Valid CSS Valid SVG 1.0

Me, myself & IT

Demonstration of drive-by downloads

Purpose

Purpose

Demonstrate drive-by downloads to conduct the well-known and well-documented attack CAPEC-471: Search Order Hijacking listed in the CAPEC against the well-known and well-documented weaknesses CWE-426: Untrusted Search Path and CWE-427: Uncontrolled Search Path Element listed in the CWE, present in almost all executable installers, self-extracting executable archives (SFXs) and portable applications built for Microsoft® Windows®, despite the instructions given in the MSDN articles Dynamic-Link Library Security and Dynamic-Link Library Search Order, the Security Advisory 2269637, plus the MSKB articles 2389418 and 2533623.

Contact

If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, deficiencies, errors, inaccuracies, misrepresentations, omissions, shortcomings, vulnerabilities or weaknesses, …: don’t hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Note: email in weird format and without a proper sender name is likely to be discarded!

I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see your full (real) name as sender, not your nickname.
I abhor top posts and expect inline quotes in replies.

Terms and Conditions

By using this site, you signify your agreement to these terms and conditions. If you do not agree to these terms and conditions, do not use this site!

Data Protection Declaration

This web page records no (personal) data and stores no cookies in the web browser.

The web service is operated and provided by

Telekom Deutschland GmbH
Business Center
D-64306 Darmstadt
Germany
<‍hosting‍@‍telekom‍.‍de‍>
+49 800 5252033

The web service provider stores a session cookie in the web browser and records every visit of this web site with the following data in an access log on their server(s):


Copyright © 1995–2020 • Stefan Kanthak • <‍stefan‍.‍kanthak‍@‍nexgo‍.‍de‍>