Vista under the file name spoofing-vulnerability warning-the black bar safety net

ID MYHACK58:62200713616
Type myhack58
Reporter 佚名
Modified 2007-01-06T00:00:00


Open a folder say, E:\test that blank space right click, select Properties, select Customize, and then you can give the folder a icons, this may the earth people know, but Vista has more fun things, first just to a folder change icon, click OK, and then open the current folder under the desktop. ini the method on the lot, the most simple: directly on the address bar of the current path followed by the input \desktop. ini enter, of course, if you enabled“show system and hidden files”, then double-click the open Notepad pop up, plus so the sentence:

LocalizedResourceName=Hacked By est

Save, close Notepad.

Put the desktop. ini renamed into the other, such as the desktop. ini2, and then changed back, then, to return to the previous folder, shortcuts Backspace, Halo, I'm teaching introductory knowledge to see, the folder name into? ! ! To continue the fun, first of all in just the folder the following new sub-folder, for example I here is E:\test\subtest\ again to open just the desktop. ini, add the lines:

[LocalizedFileNames] subtest=Another Name

Next, again, save, close Notepad, the desktop. ini changed to other names, such as the desktop. ini2(this is done in order to make the explorer refresh, re-applied the desktop. ini properties, and then change it back, press F5 to refresh the current folder, look at the subtest folder name is not turned into Another Name for? ! ! In fact the folder name does not change? No. Don't believe the point about the Vista Explorer's address bar, and Oh, as shown in Fig. ! ! This trick has what use? The advantage is that I can build an abbreviation of the name of the folder, it is easy to enter the path, and then use the desktop. ini so modified, the display to fulfill that aesthetic. To harm to think of it, I have a trojan.exe, icons and Word documents, like, put in a name virus\ folder, this virus\ folder with a desktop. ini put trojan.exe disguised as letter.docx Office 2 0 0 3 and ago is . doc, 2 0 0 7 is . docx format, then, the social engineering and let the user click on this file...... Ordinary users will say that the name of this file is letter.doc not letter.doc.exe is safe, you can open, double-click after the...... Everything is over.

Figure the inside there are two files, a fake letter.docx in fact an exe, double-click to run directly, the icon with ResHacker the disguise of the Word 2007 icon, another Normal Word Document.docx is the real Word 2 0 0 7 document. Alone appearance, you can distinguish between exe and docx? ALL RIGHTS RESERVED, reproduced please indicate the source.

How did I discover this secret? Here:

%appdata%\Microsoft\Windows\Start Menu\desktop. ini %appdata%\Microsoft\Windows\Start Menu\Programs\Accessories\desktop. ini