| ▲ | gruez 4 hours ago | |
>Exploiting may require you to ship both the malicious EXE and the MD, then trick the user into clicking the link inside the MD. But then you could have just tricked them into directly clicking the EXE. 1. You can use UNC paths to access remote servers via SMB 2. Even if it's local, it's still more useful than you make it out to be. For instance, suppose you downloaded a .zip file of some github project. The .zip file contains virus.exe buried in some subfolder, and there's a README.md at the root. You open the README.md and see a link (eg. "this project requires [some-other-project](subfolder\virus.exe)". You click on that and virus.exe gets executed. | ||
| ▲ | jkrejcha 2 hours ago | parent | next [-] | |
> 1. You can use UNC paths to access remote servers via SMB Relevant article from The Old New Thing: https://devblogs.microsoft.com/oldnewthing/20060509-30/?p=31... Programs (this is true for most mainstream operating systems) can become network facing without realizing it. I've sometimes found a bunch of Windows programs sometimes tends to assume that I/O completes "instantly" (even if async I/O has been common on Windows for a very long time) and don't have a good UX for cancelling long running I/O operations | ||
| ▲ | electroly 2 hours ago | parent | prev [-] | |
Definitely; I didn't mean to underplay it. Here's a fun one: | ||