![]() With this trick, the text file contains the ASCII representations of machine-language commands. Because antivirus programs and other types of security scanners will often flag malicious code being copied onto a new host, attackers can sneak the malicious file by as a "harmless" ASCII text file. Another text file trick, more common years ago but still possible today, is for attackers to create text files that when fed through Debug.exe will create malicious executables. Text files and text editors (such as Notepad and Wordpad) can be used maliciously to overwrite legitimate text files (e.g., Autoexec.bat, Win.ini, Hosts, etc.). These types of attacks were called ANSI-bombs. ![]() The attacker would embed commands that would remap the user's keyboard so that the next key they pressed formatted their hard drive. It worked because a driver file called Ansi.sys would convert embedded keyboard control characters into their action-based counterparts. In the days of DOS, an attacker could send a victim a pure ASCII text file that when read, formatted the user's hard drive. Even plaintext files can be used maliciously. No matter how innocent and unremarkable a file format is, it can probably be malformed in some way by attackers to make it malicious. Ultimately, any file can be used maliciously.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
June 2023
Categories |