[WEB SECURITY] Minimal User Interaction with Links
51l3n73y3s
51l3n7 at live.in
Fri Aug 14 14:02:00 EDT 2009
Hello list,
Is it possible to execute or save a file by just clicking on a link?
I might be missing something over here, here is a sample eicar test string
http://www.eicar.org/download/eicar.com
As soon as I click on it, my AV gives me the message about the detection at
"%temp%\ NcsWJCau.com.part" and the page also gives me an option to save the
file. Doesn't this mean that the file is being stored in the temp directory
without user interaction?
-Sandeep Cheema
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
More information about the websecurity
mailing list