[Esd-l] exe
Kenneth Porter
shiva at sewingwitch.com
Wed Jun 25 15:59:29 PDT 2003
--On Wednesday, June 25, 2003 11:20 AM -0500 Matt Moran <matt at mattnliz.net>
wrote:
> I don't know if its possible, but it certainly doesn't seem like a good idea
> to me. When you create a self extracting zip file you can specify that an
> executable program in the zip file be immediately run upon extraction. So
> if you allow self extracting zip files, you might as well just allow all exe
> files.
I don't know if it still works this way under Win32, but under DOS one just
appended the zip file to the extractor exe. Zip files are read by reading
backwards from the end for "PK", which marks the beginning of the zip header
(stored at the end of the file). The extraction code just opens itself and
starts scanning back from the EOF.
The problem is that there's no guarantee that the executable tacked on the
front is benign. I could imagine downloading the source for Info-ZIP, hooking
in a Trojan, and then mailing a self-extracting zip built with it.
More information about the esd-l
mailing list