Irregular Expressions

Jul 19 2010   8:48AM GMT

Windows lnk file vulnerability

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

You will want to follow this thread.

Really great idea, the lnk just points to the malware and all you have to do is a file scan of the directory with the file and your done.  This also works on remote shares.

Here is the same link from the sans article,

And here is a link to the code if you are interested!

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: