In this last research on Windows shortcuts, we will demonstrate another sneaky technique to inject any kind of file without any limits on file size.
The goal, again, is to demonstrate the real dangers of .LNK files (Microsoft Shortcuts), which are wrongly considered to be safe by common users.
A little reminder: a Windows shortcut is a binary file with the extension .LNK (Link File). Shortcuts are generally used to redirect one file to another, such as launching a program from your Desktop that is installed elsewhere on your system.
Less frequently, as we discussed in one of our previous papers, you can also execute shell commands through the shortcut, a good feature for users to create little automated tasks - but also an opportunity for hackers.
For whatever reason, Microsoft has also made any icons you can find on your system easy to usurp, so you can make the ...read more...