spyware question - GoFuckYourself.com

crockett · 06-08-2004, 10:16 PM

what is a DSO exploit ? found with spybot

okdesign · 06-09-2004, 03:56 AM

I found it too

Helix · 06-09-2004, 06:00 AM

Its allows an attacker to run arbitrary commands on Windows machines with a simple bit of HTML.
Make sure your windows and IE critical patches are up to date. Microsoft already issued a fix for this.

AnalProbe · 06-09-2004, 06:05 AM

=html=
=def socket="shell32.dll&dsohahahahahaha" type="shell"=
=value="dso.write'format c:'"=
=value="dso.write'self.restart'"=
=/html=

mardigras · 06-09-2004, 06:59 AM

DSO exploit=Data Source Object exploit

Helix's answer was perfect to your question with the addition that Microsoft has issued patches for known exploits. They will release new patches as new exploits are found. It may look like Windows Update is offering you the same patch again but it is for different problems. Just wanted to point that out because I know more than one person who had skipped that patch at WU because they "had already downloaded it".

crockett · 06-09-2004, 08:34 AM

ok well I was already up to date on all the patches but every time I run spy bot this same DSO exploit is there. It's not getting deleted, is there a way to go in a manually delete it.. Looks like registry files which have either been added or modified.

{fusion} · 06-09-2004, 08:41 AM

do you have other programs on there like adaware ect?

some programs keep a quarentine of spyware found

06-08-2004, 10:16 PM	#1
crockett in a van by the river Industry Role: Join Date: May 2003 Posts: 76,806	spyware question what is a DSO exploit ? found with spybot __________________ In November, you can vote for America's next president or its first dictator.

06-09-2004, 03:56 AM	#2
okdesign ICQ 278367136 Industry Role: Join Date: May 2002 Posts: 24,772	I found it too __________________ Webmasters, Come here for SUPER BIG TITS Highest Conversions, Highest Retention!

06-09-2004, 06:59 AM	#5
mardigras Bon temps! Join Date: Feb 2003 Location: down yonder Posts: 14,194	DSO exploit=Data Source Object exploit Helix's answer was perfect to your question with the addition that Microsoft has issued patches for known exploits. They will release new patches as new exploits are found. It may look like Windows Update is offering you the same patch again but it is for different problems. Just wanted to point that out because I know more than one person who had skipped that patch at WU because they "had already downloaded it". __________________ .

06-09-2004, 08:34 AM	#6
crockett in a van by the river Industry Role: Join Date: May 2003 Posts: 76,806	ok well I was already up to date on all the patches but every time I run spy bot this same DSO exploit is there. It's not getting deleted, is there a way to go in a manually delete it.. Looks like registry files which have either been added or modified. __________________ In November, you can vote for America's next president or its first dictator.

06-09-2004, 06:00 AM	#3
Helix Confirmed User Join Date: Feb 2002 Location: Michigan Posts: 5,998	Its allows an attacker to run arbitrary commands on Windows machines with a simple bit of HTML. Make sure your windows and IE critical patches are up to date. Microsoft already issued a fix for this.

06-09-2004, 06:05 AM	#4
AnalProbe pain in the Ass Industry Role: Join Date: Jan 2004 Posts: 3,727	=html= =def socket="shell32.dll&dsohahahahahaha" type="shell"= =value="dso.write'format c:'"= =value="dso.write'self.restart'"= =/html=

06-09-2004, 08:41 AM	#7
{fusion} Confirmed User Join Date: Sep 2003 Posts: 1,650	do you have other programs on there like adaware ect? some programs keep a quarentine of spyware found