Zangocash is now Pinball Publisher Network

Hey, I've found some threads on this forum talking about the possibility to create video or audio files that automatically install an adware

so I've researched a lot and I haven't found bugs in the multimedia formats of windows, but I've found something interesting

I don't know what method the top hackers use, it could be they use some private exploit, but there's a way to accomplish this using just the tools windows give us

so the thins is called ASF script stream...if you want a more precise overview read this Summary of ASF File Specification Threat Researcher


the question is simple....ASF give us the opportunity to embed scripting in WMA/WMV files, for example we can give the command URLANDEXIT with the URL we want to be opened everytime the user open the WMA/WMV file in media player

this is the same way the DRM method by Harro works....

so you can instruct media player to open a browser window that says "You must install a codec to ....blah blah....."

ok but we know there are thousands of good exploit in the wild for web browser, so we could make the opened page autoinstall the adware

I think this is some very good method and a totally automatic one

ASF is old hat, and most users are already weary of them.

Here's a few tips to consider though: WMF+Postscript+Rename to .jpg, or CHM+Exe. There's a few less known tricks, but I'm keeping those to myself.