Only yesterday we reported a way of infecting Microsoft Windows users with a simple shortcut trick that uses the BITSAdmin tool to download and execute a remote application.
The main limitation of that first example is that a firewall could block the download attempt, since the file has to be fetched over a remote HTTP/HTTPS connection before it is executed.
We found another sneaky way of exploiting the Windows shortcut with a new 0day: embedding any file (such as an application) directly inside the shortcut itself.
Yes! The application is inside the Windows shortcut.
This makes the malicious application fully undetectable by any antivirus software before it is dropped and executed.
Note: As an example, in the PoC mentioned below, we decided to use this vulnerability as a file dropper, but we could ...
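
A defender-side triage check for the embedded-file technique described above, as an added example that is not code from the original article: it validates the Shell Link header and flags shortcuts that are unusually large or contain an unencoded PE image. The 16 KiB threshold, the function names and the sample bytes are assumptions constructed for illustration.

```python
import struct

# Shell Link header constants from the [MS-SHLLINK] file format.
HEADER_SIZE = 0x4C
LINK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
# Assumed triage threshold: ordinary shortcuts are a few KiB at most.
MAX_EXPECTED_SIZE = 16 * 1024


def find_embedded_pe(data: bytes) -> list[int]:
    """Return offsets where an unencoded PE image starts inside data."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew at 0x3C points to the "PE\0\0" signature.
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            if data[pos + e_lfanew: pos + e_lfanew + 4] == b"PE\x00\x00":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits


def triage_lnk(data: bytes, max_size: int = MAX_EXPECTED_SIZE) -> list[str]:
    """Return findings for one .lnk file's bytes (empty list = nothing flagged)."""
    findings = []
    if len(data) < HEADER_SIZE or struct.unpack_from("<I", data)[0] != HEADER_SIZE \
            or data[4:20] != LINK_CLSID:
        return ["not-a-shell-link"]
    if len(data) > max_size:
        findings.append("oversized")
    for off in find_embedded_pe(data[HEADER_SIZE:]):
        findings.append(f"embedded-pe@{off + HEADER_SIZE:#x}")
    return findings


def make_header() -> bytes:
    """Constructed minimal header: size, CLSID, remaining 56 bytes zeroed."""
    return struct.pack("<I", HEADER_SIZE) + LINK_CLSID + bytes(56)


# Constructed samples (inert bytes, not real shortcuts or executables).
BENIGN = make_header() + bytes(4)
FAKE_PE = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\x00\x00"
SUSPICIOUS = make_header() + bytes(100) + FAKE_PE + bytes(20000)

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(name, len(blob), triage_lnk(blob))
```

An encoded or compressed payload would not match the PE check, so the size finding is the one to rely on in that case.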