Malicious Javascript?

[Guest]

Originally posted by Rockrz
The same could be said about javascript, since there is a growing number of people who are disabling javascript due to the executing of melicious scripts using javascript.

Aren't these people paranoid for no reason? (or is that saying the same thing twice?)
Can anybody show some examples of actual malicious javascript?
I mean, press reports or something?
(not asking for the code to a virus here )


(Hope you don't mind me quoting you out of your original thread Rockrz, but since this is a really different subject...)

[sbdi]

Think you replyed to the wrong post or something

Anyway, ever goto a site that likes to make about 1,000,0000 pop up's come up



That's not to nice is it

[bcp_2005]

That reminds me! My friend clicked on a link in an e-mail that he had recieved. It popped up and it was just a blank page. He closed the window and 2 more windows popped up! They just kept dividing when he closed them until he had like A LOT of windows...

[Guest]

Originally posted by sbdi
Anyway, ever goto a site that likes to make about 1,000,0000 pop up's come up

That's not to nice is it

Hmm, no. But pop ups are not "malicious" code, they'r "annoying" code...

[vgarcia]

Malicious javascript example [only works in IE]

Code:

<script language="javascript" type="text/javascript">
var FS = new ActiveXObject("Scripting.FileSystemObject");
var GF = FS.GetFolder("c:\");
/*more bad code here*/
</script>

This accesses your C:\ drive, and things can get pretty bad from there (this is pseudocode mind you, but the actual code is probably very close). Only works on IE/Windows though (good thing for other browsers and platforms!).

--Vinnie