Web pages open as "Code" ???

  • Thread starter Thread starter casey.o
  • Start date Start date
Same here. I think pure country started morphing a bit toward rock in the
mid 1950's and later to capture a larger audience. To me it's called the
Nashville Sound or Rockabilly - which I like, too. (They added strings,
etc, to country music). But I don't think the "country purists" really
liked them doing that!
Click to expand...

When it comes to country music, I like the old stuff like Johnny Cash.
Some of the newer stuff is ok, particularly some of the female artists,
like Martina McBride, Sara Evans etc. Much of it is more like Rock, but
it's good music. I've always like the group POCO. Country, Rock, Folk
and Bluegrass, all blended into one.
 
On Mon, 05 May 2014 23:12:20 -0400, (e-mail address removed) wrote:

[snip]
And did you know that a TEXT file can contain a virus? Yep, just type
the word "Virus" in the text file, and that text file contains a virus
:) For that matter,,,,,,,,
THIS message contains a VIRUS <----- (there it is).
Click to expand...

1) Several years ago, I downloaded a batch file virus. Batch files
are text files.

2) There is a short test file for antivirus software that is all
displayable text characters. It is an executable. I do not see why
the same approach could not be used to create a real virus.

Sincerely,

Gene Wirchenko
Click to expand...

Back in the old DOS days, I made a batch file that would fill up an
entire harddrive with text. Of course back then, a HDD was probably
10megs. In some ways, that was sort of a virus, but I didn't distribute
it. I just did it because I could.
 
<[email protected]>
wrote in message
@4ax.com...
| On Tue, 6 May 2014 00:43:16 -0500,
| "Hot-Text"
| <webmaster
| @mynews.ath.cx>
| wrote:
|
| > But True
| > We all do need a
| > Good anti-virus
| > For all laptop
| > And PC
| >Yes Mac Too
| > Sometimes
| > You will watch
| > A unsafe Flash
| > That go for
| > Well-known Server-Side Flash Sites
| > And trusted sites too!
| > Scripts, Databases
| > and Dynamic
| > All in your computer
| > Saying trust laptop
| > Lol Hilarious Flash
|
| Do you intentionally format your messages
| so weirdly,

Yes
I intentionally format
A message in a

Weird
Book Style Look

Why is "| >" screwed up your newsreader ?

| or is your newsreader screwed up?
| Or maybe your TAB key is stuck???
No stucking TAB Here
And
I also Edit The OP messages
To fit my Book Style needs
For Online Viewing
Web-News-Reader Only
< http://www.pcbanter.net/showthread.php?t=1090421 >
Have a Good Day
 
| 1) Several years ago, I downloaded a batch file virus. Batch files
| are text files.
|
| 2) There is a short test file for antivirus software that is all
| displayable text characters. It is an executable. I do not see why
| the same approach could not be used to create a real virus.
|

The text is not executable. An executable
interprets the text. A number of text-based file
types can be used to create malware: vbs, js,
html, hta, bat... but they're all interpreted and
acted on by some kind of software. A txt file --
or plain text alone -- is not executable.
Click to expand...

Nope. It is executable. See
<http://www.eicar.org/86-0-Intended-use.html>:

The Anti-Malware Testfile

This test file has been provided to EICAR for distribution as the
"EICAR Standard Anti-Virus Test File", and it satisfies all the
criteria listed above. It is safe to pass around, because it is not a
virus, and does not include any fragments of viral code. Most products
react to it as if it were a virus (though they typically report it
with an obvious name, such as "EICAR-AV-Test").


The file is a legitimate DOS program, and produces sensible results
when run (it prints the message
"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!").

It is also short and simple - in fact, it consists entirely of
printable ASCII characters, so that it can easily be created with a
regular text editor. Any anti-virus product that supports the EICAR
test file should detect it in any file providing that the file starts
with the following 68 characters, and is exactly 68 bytes long:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

The first 68 characters is the known string. It may be optionally
appended by any combination of whitespace characters with the total
file length not exceeding 128 characters. The only whitespace
characters allowed are the space character, tab, LF, CR, CTRL-Z. To
keep things simple the file uses only upper case letters, digits and
punctuation marks, and does not include spaces. The only thing to
watch out for when typing in the test file is that the third character
is the capital letter "O", not the digit zero.

Sincerely,

Gene Wirchenko
 
| >| 1) Several years ago, I downloaded a batch file virus. Batch files
| >| are text files.
| >|
| >| 2) There is a short test file for antivirus software that is all
| >| displayable text characters. It is an executable. I do not see why
| >| the same approach could not be used to create a real virus.
| >|
| >
| > The text is not executable. An executable
| >interprets the text. A number of text-based file
| >types can be used to create malware: vbs, js,
| >html, hta, bat... but they're all interpreted and
| >acted on by some kind of software. A txt file --
| >or plain text alone -- is not executable.
|
| Nope. It is executable. See
| <http://www.eicar.org/86-0-Intended-use.html>:
|

Okey doke. I'll be interested to see when you get
a word processor running in Notepad.
 
| >| 1) Several years ago, I downloaded a batch file virus. Batch files
| >| are text files.
| >|
| >| 2) There is a short test file for antivirus software that is all
| >| displayable text characters. It is an executable. I do not see why
| >| the same approach could not be used to create a real virus.
| >|
| >
| > The text is not executable. An executable
| >interprets the text. A number of text-based file
| >types can be used to create malware: vbs, js,
| >html, hta, bat... but they're all interpreted and
| >acted on by some kind of software. A txt file --
| >or plain text alone -- is not executable.
|
| Nope. It is executable. See
| <http://www.eicar.org/86-0-Intended-use.html>:
Click to expand...
Okey doke. I'll be interested to see when you get
a word processor running in Notepad.
Click to expand...

Are you being deliberately obtuse? Copy the EICAR string from
the Webpage, paste it into an empty Notepad doc, and then save it as,
say, "EICAR.exe" (making sure to not have .txt extension as well).

You can then run it (unless your AV stops it):
eicar

The string was designed to be totally made up of displayable
ASCII and yet be a .exe.

Sincerely,

Gene Wirchenko
 
Mayayana said:
| >| 1) Several years ago, I downloaded a batch file virus. Batch files
| >| are text files.
| >|
| >| 2) There is a short test file for antivirus software that is all
| >| displayable text characters. It is an executable. I do not see why
| >| the same approach could not be used to create a real virus.
| >|
| >
| > The text is not executable. An executable
| >interprets the text. A number of text-based file
| >types can be used to create malware: vbs, js,
| >html, hta, bat... but they're all interpreted and
| >acted on by some kind of software. A txt file --
| >or plain text alone -- is not executable.
|
| Nope. It is executable. See
| <http://www.eicar.org/86-0-Intended-use.html>:
|

Okey doke. I'll be interested to see when you get
a word processor running in Notepad.
Click to expand...

I use EICAR for testing AV scanners here.

http://en.wikipedia.org/wiki/EICAR_test_file

If you have an AV scanner you don't trust (TrendMicro
web scanner), drop an EICAR file on your C: drive,
and see if the scanner can detect it. Even though there
is no real danger to EICAR as an executable, the AV
scanners will still offer to quarantine the file for you.

EICAR is detected by signature. If it was inside
a ZIP file, it could still be detected. If it is in
a custom archive, it won't be detected. Neither will
it be detected if it is in a password protected archive.
As the AV scanner doesn't know the password (and won't
waste time cracking it).

Paul
 
| Are you being deliberately obtuse? Copy the EICAR string from
| the Webpage, paste it into an empty Notepad doc, and then save it as,
| say, "EICAR.exe" (making sure to not have .txt extension as well).
|

I see. That *is* weird. The DOS host is running it
as DOS, even though EXE is a 32-bit file extension
and the file is not a valid EXE file. On the other hand,
that's really not any different from naming the file
with .BAT. It's still a case of interpreted text, basically
script.
 
|
| If you have an AV scanner you don't trust (TrendMicro
| web scanner), drop an EICAR file on your C: drive,
| and see if the scanner can detect it. Even though there
| is no real danger to EICAR as an executable, the AV
| scanners will still offer to quarantine the file for you.
|
| EICAR is detected by signature. If it was inside
| a ZIP file, it could still be detected. If it is in
| a custom archive, it won't be detected. Neither will
| it be detected if it is in a password protected archive.
| As the AV scanner doesn't know the password (and won't
| waste time cracking it).
|

All that really means is that a string of the DOS
content is one of the standard virus signatures.
The following should also be detected by most AV:

<style>*{position:relative}</style><table><input>

That simple line, in an HTML file, will crash IE. But
it's not executable code.
 
I see. That *is* weird. The DOS host is running it
as DOS, even though EXE is a 32-bit file extension
Click to expand...

No, the EXE extension predates the 32-bit world. Win 3.x programs used
that extension. AFAIK, there is no extension that is used exclusively
for 32-bit programs.
 
| > > I see. That *is* weird. The DOS host is running it
| > >as DOS, even though EXE is a 32-bit file extension
| >
| > No, the EXE extension predates the 32-bit world. Win 3.x programs used
| > that extension.
|
| Yes. And so did MS-DOS programs even before Windows 3.0.
|

I didn't know that. I thought they were only COM files.
But it makes sense, since 32-bit EXEs usually contain a
"DOS stub" at the front of the file, which will print "This
program cannot be run in DOS mode" if it's run in a
DOS environment.
Running Filemon while running the test file, I see Explorer
open the file, read 68 bytes (the full file length), then call
ntvdm.exe. I'm guessing that's the default behavior. If a
PE signture is not found in a file with an EXE extension it's
assumed to be DOS.
 
|| Are you being deliberately obtuse? Copy the EICAR string from
|| the Webpage, paste it into an empty Notepad doc, and then save it as,
|| say, "EICAR.exe" (making sure to not have .txt extension as well).
||
|
| I see. That *is* weird. The DOS host is running it
| as DOS, even though EXE is a 32-bit file extension
| and the file is not a valid EXE file. On the other hand,
| that's really not any different from naming the file
| with .BAT. It's still a case of interpreted text, basically
| script.
|

It not Running in Dos
But windows
It is Calling up a
Dos software
With in the EXE
To run a Task
Using in Dos
Write a Bat,
com, Inf, or Inc

If you don't like it
For that just it go's

Welcome to the world of
Micro-Soft

That why No website stuff is 100% safe.
 
|| > > I see. That *is* weird. The DOS host is running it
|| > >as DOS, even though EXE is a 32-bit file extension
|| > No, the EXE extension predates the 32-bit world. Win 3.x programs used
|| > that extension.
|| Yes. And so did MS-DOS programs even before Windows 3.0.
| I didn't know that. I thought they were only COM files.
| But it makes sense, since 32-bit EXEs usually contain a
| "DOS stub" at the front of the file, which will print "This
| program cannot be run in DOS mode" if it's run in a
| DOS environment.
| Running Filemon while running the test file, I see Explorer
| open the file, read 68 bytes (the full file length), then call
| ntvdm.exe. I'm guessing that's the default behavior. If a
| PE signture is not found in a file with an EXE extension it's
| assumed to be DOS.
|

It good it seen the Task Running
For the ones I do not like is
The ones that hidden the Task
 
|| I see. That *is* weird. The DOS host is running it
|| as DOS, even though EXE is a 32-bit file extension
|| and the file is not a valid EXE file. On the other hand,
|| that's really not any different from naming the file
|| with .BAT. It's still a case of interpreted text, basically
|| script.
||
|
| It not Running in Dos
| But windows
| It is Calling up a
| Dos software
| With in the EXE

Windows (Explorer) is starting with the file because
it's an EXE. When Explorer doesn't find a valid Win32
PE file it then calls ntvdm (NT DOS Virtual Machine)
which then interprets the internal text as DOS. That
seems like a security bug to me, but I suppose in
Microsoft's view it's a historical standard that they need
to support for the rare people who might need to run
DOS files within Windows.

| That why No website stuff is 100% safe.

I don't mean to split hairs here. A BAT, VBS, or EXE
work differently, but all can execute in some sense.
Nevertheless, I'm trying to clarify it because I think it's
worthwhile for people to have some understanding of
how executable code can work. If you understand that
you can assess the safety of online activities. HTML is
plain text interpreted by a browser as graphic layout
directions. It is not executed. The same is true of CSS.
I'm not aware of any case where executable code was
able to run on the client system by exploiting HTML or
CSS. (There are cases of bad HTML that can crash a
browser, but that's not an attack. It's just a browser bug.)

Nearly all online risks involve
javascript *because the browser interprets script as
executable*. Online risks that don't involve script generally
involve an EXE, like one of Adobe's files. Even then, the
problem seems to usually boil down to Adobe using script.
Another problem, in IE, is ActiveX controls. But those,
again, are executables.

There was a vulnerability several years ago in a graphics
library that allowed an attack in IE by using a JPG file, but
that kind of thing is very rare.
https://technet.microsoft.com/library/security/ms04-028

What I'm trying to clarify is that text alone is not executable.
Bytes are bytes. How they are treated determines what the
result is. There is no text that can be opened in Notepad to
execute anything, because the bytes are interpreted as text
characters. Executable text (script) is risky only because it's
interpreted by some kind of host which then executes operations.
(You can open the nastiest javascript bug or BAT file in Notepad
without risk.)

All the examples we're talking about here of executable
text are cases where the text is Windows-supported code
in a file type that marks it as executable, or run as webpage
code by a browser.

So, if a webpage opens as text it's safe in that form, because
the browser is interpreting the bytes as text characters.

If you disable script and don't install plugins, Java, etc then you
may not have a 100% guarantee of safety online, but it will be
pretty close to 100%. If you do enable script you're a sitting duck.
At every site you visit you're assuming that 1) the host is honest
and not malicious and 2) the host site has not been compromised
by an outside entity. The difference boils down to executable code
being run through or by the browser.
 
Ken Blake said:
Yes. And so did MS-DOS programs even before Windows 3.0.
Click to expand...

True. Anything more complex than a *.com file, which was just
non-relocatable executable code. Just load it in and branch to it. The
*.exe format has been evolving over decades.
 
Back
Top