Moderator, if this bug is known please reject my posting. Disclaimer: Dont bother me if this affects you. I really dont care. content: paranthesis hell. Description: 'The matrix code screensaver' - created using '16 Bit CineMac Screen Saver Engine (avail. at www.screentime.com'(which is probably responsible for this) - (it scrolls nice 'matrix-like' green graphics across the screen, i bet you've seen it)) available at http://knudergud.dk/matrix.exe ($crc==29B3E21A) ((and a LOT of other places) - virus clean area, i know its an .exe, but it was distributed this way 'cause it's an installer - perform tests in closed labs etc. etc.)) contains perhaps the worst error i have seen to date. The program apparently performs it's own password checking instead of using the windows screensaver routine, god knows why. They even made it look just like the real thing, but its not. One word: insufficient. 'Exploit': /* Begin: -=souper==douper==l337==h4xx0r==0-d4y==spl0it==scriptkiddies==might==wanna==alter==this==hint==substitute=='keypress'==with==reset==button=- */ activate the 'ask-for-password' field in any way by performing a keypress or mouse movement, when the password dialog comes up press cancel and swiftly do anything else, like a keypress or mouse movement. Hey presto, screensaver gone. /* -=souper==douper==l337==h4xx0r==0-d4y==spl0it==scriptkiddies==might==wanna==alter==this==hint==substitute=='keypress'==with==reset==button=- :end */ thought: I had some thoughts on this, but i forgot them. Someone else might care to elaborate this, and someone might even have a copy of the CineMac Screen Saver Engine available for testing. /*upon redistribution of this please keep the facts straight.*/ the matrix has you.. yeah. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
