RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior
Does this same plugin system also apply to emule?
On Thu, 18 Dec 2003 07:03:17 -0500, ashton wrote
> 1. giFT is unix - until noted otherwise, so goodluck. 2. Windows
> Media is not P2P with a built in search of 1.2 million people for
> the "uber upload limit crack plugin" in which when loaded is an
> actual virus, it's very hard for joe average to get a harmful WMP
> plugin but with this method in Overnet it's too easy, plus they
> could propogate themselves through Overnet vulnerabilities on top.
>
> -----Original Message-----
> From: Pavel Kankovsky [mailto:peak@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, December 17, 2003 6:43 PM
> To: Julian Ashton
> Cc: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior
>
> On 17 Dec 2003, Julian Ashton wrote:
>
> > Good question, I have been working on plugin systems suchs as giFT and
> > Windows Media for quite a while and while they can do some neat
> > things, this kind of behavoir cannot happen because of the way they
> > were architechted. When I think of "plugins" I think of 1. An sdk. 2.
> > Methods that you create that the "client" listens for. 3. All code in
> > the plugin is sent to the "client" not the OS level. 4. Mainly COM
> > (this plugin uses full use of C++/MFC in a DLL)
>
> Excuse me...how do giFT or Windows Media prevent their plugins from
> accessing the OS interface directly and doing whatever they (the
> plugins) want to do? Do they run the plugins in a virtual machine?
>
> --Pavel Kankovsky aka Peak [ Boycott Microsoft--
> http://www.vcnet.com/bms ] "Resistance is futile. Open your source
> code and prepare for assimilation."
--
Open WebMail Project (http://openwebmail.org)