Anyways, I hold your opinion in high regard and do agree that your link looks quite clickable. Just wondering what's causing me to not be able to reproduce it.
-
-
Replying to @0xdade @MalwareTechBlog
That was just a zero-width space between the URL and the path to make it look like one long URL.
1 reply 2 retweets 16 likes -
Replying to @taviso @MalwareTechBlog
Ohhhh damn how did I not realize the zero width space would be so useful there. Very well done.
1 reply 0 retweets 7 likes -
Replying to @0xdade @MalwareTechBlog
Haha, that obfuscation trick worked on you, so no doubting
You can try to copy this if twitter doesn't mangle it: http://bit.ly \\?\C:\Users\dade\Downloads\exploit.bat:2 replies 2 retweets 15 likes -
Replying to @taviso @MalwareTechBlog
Yup okay that replicates it. That's sneaky and awesome.
1 reply 0 retweets 6 likes -
1 reply 5 retweets 15 likes
-
Replying to @0xdade @MalwareTechBlog
Okay, how about this one (hxxp to avoid twitter munging, http works in Zoom): \\?\hxxp://youtube.com/watch?v=123124124&title=ZXhwbG9pdAo=\..\..\..\..\Users\dade\Docume~1\exploit.bat I should have been a phisher
4 replies 9 retweets 31 likes -
Also, these last few examples require you to have malware already waiting on disk for you to execute it, no?
1 reply 0 retweets 0 likes -
no
1 reply 0 retweets 0 likes -
So exploit.bat in these examples isn’t already on your computer waiting to be executed? If not where is it coming from?
1 reply 0 retweets 0 likes
It's not a vulnerability to download files, web browsers will download files automatically without prompting. It is trivial (and not a bug) to populate Downloads with malicious files, this bug will then execute it without prompting.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.