Implement an attack with a wrong MIME header

xiaoxiao2021-03-05  27

Badboy, Bad Boy Club (BadboyClub.yOfor.net, badboyclub.go.163.com)

This is not an authoritative textbook; it is only meant to help beginners understand Win9X/NT. If you feel uneasy, do not try this method in China; if you do, you alone are responsible for all legal consequences. This article may be freely reprinted on the network as long as it is kept complete; using it for economic purposes, or printing it in CD-ROM magazines and the like, is not permitted. The program mentioned in this article is harmful to some degree; if your security skills are limited, do not test it.

--------------------------------
Microsoft Security Bulletin (M$01-020, i.e. MS01-020): Incorrect MIME Header Can Cause IE to Execute E-mail Attachment
Published: March 29, 2001
Microsoft
--------------

A vendor's "features" are always a draw. Sure enough, yet another vulnerability affecting ordinary users has surfaced. What is there to say to that damned Gates? Nothing at all; let's just go and see what this vulnerability is made of!!!

First, a brief introduction to MIME

1. The basic concept of MIME

You may have come across MIME types when using CGI programs: there is a line called the Content-Type declaration, which states the MIME type of the file being passed (such as text/html or text/plain). MIME is an abbreviation of Multipurpose Internet Mail Extensions. It was initially defined as an encoding method for Internet e-mail, but has since evolved into a general method of specifying file types on any part of the Internet (e-mail, Usenet news and the Web). If two programs on the Internet are connected, one sending a file and the other receiving it, and the sender labels the file with a MIME type, the receiving program can tell from that type whether it is able to handle the file. Each file format has a uniform set of names.
As for whether a type matches, this should not be something you worry about; most standard files have a file format with a corresponding MIME type.

2. How MIME types work

A MIME type has two parts: the first is the general category of the file (such as text, image or application); the second is the specific format of the file (text has the HTML and plain formats, image has the GIF and JPEG formats). Typical MIME types are text/html, image/gif, video/quicktime and application/postscript. Once a set of standard MIME types has been defined, new types must be registered with IANA (Internet Assigned Numbers Authority). A new MIME type that has not yet been officially approved must be given a name beginning with x-, such as audio/x-noise-from-join or application/x-httpd-cgi. When NCSA created its server, which could run CGI programs, it included two such types: application/x-httpd-cgi and x-server-parsed-html.

3. MIME types between web server and browser

MIME types are used when the web server sends files to the browser.

The process goes like this:
(1) The browser issues a request for a file to the server via the URL;
(2) After receiving the request, the server fetches the corresponding file from its file system;
(3) The server looks up the file's extension (such as GIF, HTML, TXT and so on) in its table of known MIME types and file extensions;
(4) The server sends a Content-Type header to the browser to indicate the type of the file about to be sent;
(5) After the browser receives the Content-Type, it decides whether it can handle the file itself or whether it must call another program to do so.

The most important part of this process is that the server keeps a fixed table mapping file extensions to MIME types. This table determines which file types the server can identify. Files shared on the Web generally have the correct file extension and are sent with the correct Content-Type. If you want to send a new type of file that goes beyond the Web's existing definitions, or you have many files of your own that all carry new extensions, you must configure your server to recognise the new MIME types or extensions.

4. MIME types and the browser

Browsers usually also have a table of MIME types and file extensions, but it is generally used only for the "Open File" dialog, for a file: URL naming a file on the local disk, or for files retrieved from a server by some method other than HTTP. In most cases the browser ignores the extension of a file sent by the server and pays attention only to the Content-Type. Like the server, the browser usually has a table mapping MIME types to other programs (helper applications). In this way you can configure how the browser handles files obtained from the web server: it matches the value of the Content-Type header against this table. If a new file type is added to the server configuration, it is very likely that the browser will not recognise the new files it receives.
If you add such file types and want others to use them, you had better add instructions to your work stating which file types are transferred, which MIME types are used, which browser or helper application reads this file format, and so on.

Second, the wrong MIME header vulnerability

This vulnerability was found by the security researcher Juan Carlos García Cuartango. He discovered that IE has a problem processing unusual MIME types: an attacker can create an HTML e-mail carrying an executable attachment and modify the MIME header so that IE does not handle the executable attachment type specified by MIME correctly. Normally, if the attachment is a text file IE reads it; if it is a video clip IE plays it; if it is a graphics file IE displays it; but if it is an exe file IE prompts the user before executing it. The danger is that after the attacker changes the MIME type, IE runs the file directly without prompting the user, so the program or attack commands the attacker has attached do whatever he envisions. We will analyse this later. Windows 95/98/ME, Windows NT 4 and Windows 2000 running Microsoft Internet Explorer 5.01 or Microsoft Internet Explorer 5.5 have this vulnerability. The security team provides a simple Hello.eml program for testing.
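The vulnerability relies on a Content-Type that does not describe the attachment it labels, and that mismatch is something a mail gateway can check for before IE ever sees the message. The following Python is an added example, not code from this article or from Cuartango's Hello.eml: it builds a constructed multipart/related message and flags attachments whose declared type disagrees with their file extension or with the bytes they actually carry (the type and extension lists are this example's own assumptions).

```python
import base64
import email
import os
from email import policy

# Assumed lists for this example: declared types under which an executable
# body is at least honestly labelled, and extensions Windows will execute.
EXECUTABLE_TYPES = {"application/octet-stream", "application/x-msdownload",
                    "application/x-msdos-program"}
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}

def build_sample(declared_type: str, payload: bytes, filename: str) -> bytes:
    """Assemble a constructed multipart/related message (not the page's
    Hello.eml) whose single attachment carries the given header and body."""
    body = base64.b64encode(payload).decode()
    return (
        "From: sender@example.test\r\n"
        "Subject: test\r\n"
        "MIME-Version: 1.0\r\n"
        'Content-Type: multipart/related; boundary="b1"\r\n'
        "\r\n--b1\r\n"
        'Content-Type: text/html; charset="iso-8859-1"\r\n'
        "\r\n<html><body>hello</body></html>\r\n"
        "--b1\r\n"
        f'Content-Type: {declared_type}; name="{filename}"\r\n'
        "Content-Transfer-Encoding: base64\r\n"
        f'Content-Disposition: attachment; filename="{filename}"\r\n'
        f"\r\n{body}\r\n--b1--\r\n"
    ).encode()

def audit_attachments(raw: bytes) -> list[str]:
    """Flag leaf parts whose declared Content-Type disagrees with the
    attachment's file extension or with the decoded bytes it carries."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue                      # only leaf parts carry attachments
        ctype = part.get_content_type()   # normalised to lower case
        fname = part.get_filename() or ""
        ext = os.path.splitext(fname)[1].lower()
        data = part.get_payload(decode=True) or b""
        if ext in EXECUTABLE_EXTS and ctype not in EXECUTABLE_TYPES:
            findings.append(f"{fname}: extension {ext} but declared {ctype}")
        if data[:2] == b"MZ" and ctype not in EXECUTABLE_TYPES:
            findings.append(f"{fname}: PE header (MZ) but declared {ctype}")
    return findings

if __name__ == "__main__":
    pe_stub = b"MZ\x90\x00" + b"\x00" * 60   # constructed PE-like bytes
    for line in audit_attachments(build_sample("image/gif", pe_stub, "hello.exe")):
        print("ALERT", line)
```

The same check applied to a GIF body declared as image/gif, or to an exe declared as application/octet-stream, returns no findings; only the lie between header and content is reported.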

(Edit the following into a Hello.eml file)

From: "xxxxx"
Subject: Mail
Date: Thu, 2 Nov 2000 13:27:33 +0100
MIME-Version: 1.0
Content-Type: multipart/related;
    type="multipart/alternative";
    boundary="1"
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1

--1
Content-Type: multipart/alternative;
    boundary="2"

--2
Content-Type: text/html;
    charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable