Welcome, Guest. Please login or register.
Forums
« previous next »
Pages: [1]   Go Down

Author Topic: AREXX viruses?  (Read 1464 times)

Description:

0 Members and 1 Guest are viewing this topic.

Offline weirdamiTopic starter

  • Hero Member
  • *****
  • Join Date: Jan 2003
  • Posts: 3776
    • Show only replies by weirdami
    • Http://Bindingpolymer.com
AREXX viruses?
« on: March 11, 2004, 09:24:22 AM »
My wandering brain strikes again! :lol:

Are there any AREXX viruses? Is such a thing possible? I'm asking because I remembered something about how visual basic script viruses were causing big problems with Windows users.

Same question about SHEEP, if anything really is known about what I here's going to be the AREXX replacement. (If that bit of info has changed, let me know.  :oops: )
Logged
----
Binding Polymer: Keeping you together since 1892.
 

Offline carls

  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 1047
    • Show only replies by carls
Re: AREXX viruses?
« Reply #1 on: March 11, 2004, 09:32:43 AM »
I've never heard of something like that but if you're unsure, just look at the script source code before executing it.

I Windows, VBA/VBScript viruses are made possible because you can embed such macros and scripts in the actual documents. AFAIK, all ARexx-enabled applications on AmigaOS requires the ARexx scripts to be individual files. This means that no script will be automatically executed just because you opened a spreadsheet.

Logged
Amiga: Too weird to live, too rare to die.
 

Offline Piru

  • \' union select name,pwd--
  • Hero Member
  • *****
  • Join Date: Aug 2002
  • Posts: 6946
    • Show only replies by Piru
    • http://www.iki.fi/sintonen/
Re: AREXX viruses?
« Reply #2 on: March 11, 2004, 10:18:17 AM »
Quote
Are there any AREXX viruses?

At least I haven't heard of any in the wild.

I've heard of a "proof of concept" demonstrations on multiview + AREXX combination, though.

Quote
Is such a thing possible?

Most certainly. There are several holes in amiga systems that allow execution of embedded AREXX scripts.

One is multiview displaying amigaguide document. You can embed a script that is executed once the document is displayed.

Another is a MUI string formatting code combined with APIPE:, such constructs could be sent via email or embedded to malicious web pages (though most mailers and browsers have been fixed by now).

Both vulnerabilities have been demonstrated successfully. I would imagine the only reason why such viruses don't exist is the very small amiga userbase (and many using their PC to browse and read email anyway).
Logged
 

Offline ptek

  • Sr. Member
  • ****
  • Join Date: Jul 2002
  • Posts: 328
    • Show only replies by ptek
Re: AREXX viruses?
« Reply #3 on: March 11, 2004, 10:51:33 AM »
SHEEP !

BTW : What happened to SHEEP ? Is it dead ? Never heard any news about it ...

Same question to AmigaDE? Did it turned into a ghost ?!
 :-?
Logged
Onions have layers ...
 

Offline mikeymike

  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 3420
  • Country: 00
    • Show only replies by mikeymike
Re: AREXX viruses?
« Reply #4 on: March 11, 2004, 10:59:00 AM »
Well just like people are stupid enough to open executable email attachments in Windows, they could be stupid enough to open arexx scripts.

Admittedly once MS applications are out of the loop, the number of vectors for attack drop sharply :-)
Logged
 
Pages: [1]   Go Up
« previous next »