Mail Archives: djgpp/1999/12/04/10:23:29

www.delorie.com/archives/browse.cgi

search

Mail Archives: djgpp/1999/12/04/10:23:29

From: eighner AT io DOT com (Lars Eighner)

Newsgroups: comp.os.msdos.djgpp,comp.os.msdos.programmer

Subject: Re: Weird Characters in Filenames

Date: Sat, 04 Dec 1999 05:36:41 -0600

Organization: Lars Eighner, Author

Lines: 28

Message-ID: <JzPS4AwZqUGM092yn@io.com>

References: <82988f$v00$1 AT newsg1 DOT svr DOT pol DOT co DOT uk>

<47Y14.700$_j4 DOT 22367 AT dfiatx1-snr1 DOT gtei DOT net> <82a08t1161b AT enews4 DOT newsguy DOT com>

NNTP-Posting-Host: dillinger.io.com

Mime-Version: 1.0

X-Trace: hiram.io.com 944316156 22052 199.170.88.20 (4 Dec 1999 14:02:36 GMT)

X-Complaints-To: abuse AT io DOT com

NNTP-Posting-Date: 4 Dec 1999 14:02:36 GMT

X-Newsreader: Yarn 0.92 with YES 0.22

X-ISP: Illuminati Online

X-Revision: 1

Originator: eighner AT dillinger-2 DOT io DOT com (Lars Eighner)

To: djgpp AT delorie DOT com

DJ-Gateway: from newsgroup comp.os.msdos.djgpp

Reply-To: djgpp AT delorie DOT com

In our last episode <82a08t1161b AT enews4 DOT newsguy DOT com>,
the lovely and talented mrgus AT zombie DOT net (Mr. Gus)
broadcast on comp.os.msdos.djgpp,comp.os.msdos.programmer:

|Pointless for the guy making the game but still sort of cute, you can
|use the 255 character (hold down ALT and hit 2, 5, 5) in files from
|the command line. I've had loads of fun putting friends' important
|files in nested directories consising of different amounts of ascii 255.

This is a classic (slight) security trick:  Rename the format
command and other sensitive commands with a trailing \255
(on the base name).
This is supposed to confound bad guys even if they get console
access.  The DIR listing shows the command, but you can't
tell the \255 is there, and of course entering the command without
the \255 gives a bad command or filename.

But it is a very old trick.  Renaming those commands to something
more obscure is a good idea anyway since this will defeat some
trojans.  Nothing is really going to protect you from a human
being with unlimited console access.

-- 
          Lars Eighner  700 Hearn #101 Austin TX 78703 eighner AT io DOT com
      (512) 474-1920 (FAX answers 6th ring) http://www.io.com/%7Eeighner/
              bookstore: http://www.io.com/%7Eeighner/bookstore/
     Anyone who lives within his means suffers from a lack of imagination.

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

From:	eighner AT io DOT com (Lars Eighner)
Newsgroups:	comp.os.msdos.djgpp,comp.os.msdos.programmer
Subject:	Re: Weird Characters in Filenames
Date:	Sat, 04 Dec 1999 05:36:41 -0600
Organization:	Lars Eighner, Author
Lines:	28
Message-ID:	<JzPS4AwZqUGM092yn@io.com>
References:	<82988f$v00$1 AT newsg1 DOT svr DOT pol DOT co DOT uk>
	<47Y14.700$_j4 DOT 22367 AT dfiatx1-snr1 DOT gtei DOT net> <82a08t1161b AT enews4 DOT newsguy DOT com>
NNTP-Posting-Host:	dillinger.io.com
Mime-Version:	1.0
X-Trace:	hiram.io.com 944316156 22052 199.170.88.20 (4 Dec 1999 14:02:36 GMT)
X-Complaints-To:	abuse AT io DOT com
NNTP-Posting-Date:	4 Dec 1999 14:02:36 GMT
X-Newsreader:	Yarn 0.92 with YES 0.22
X-ISP:	Illuminati Online
X-Revision:	1
Originator:	eighner AT dillinger-2 DOT io DOT com (Lars Eighner)
To:	djgpp AT delorie DOT com
DJ-Gateway:	from newsgroup comp.os.msdos.djgpp
Reply-To:	djgpp AT delorie DOT com