|
Posted by Dave Cohen on May 29, 2008, 6:39 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> Let's say I have a process which can check the entire content of a
> file. This process can determine that the entire file is made up of
> ASCII characters only.
>
> So my questions are:
>
> 1. What can be written in ASCII that can be a threat (e.g. a Perl
> script or VBS script)?
>
> 2. What needs happen to have this threat executed?
>
> 3. Can I limit the number of acceptable ASCII characters such that
> threats cannot execute (e.g. do not allow characters like + < > _ \ /
> & % $ @ # : ; " , etc....)
>
> 4. Do I need to worry about obfuscated malware even given my limiting
> of the characters allowed.
The safest way to view the contents of a text file is to either drop it
onto an icon or open with file open menu item in a text editor.
It should be easy to spot if the file contains code in any language.
Even a word file with an embedded virus would be readable. Word has a
bunch of funny stuff at beginning and possibly end of file but what is
in between is readable text.
Dave Cohen
| 
XML site map