Slacker News Slacker News logo featuring a lazy sloth with a folded newspaper hat
  • top
  • new
  • show
  • ask
  • jobs
Library
← Back to context

Comment by jeroenhd

8 months ago

.scr files are untrusted because they're plain PE executables. You don't need to exploit anything to get code execution because all they do is execute code.

If they were just video files, they wouldn't be such a vector for malware.

1 comment

jeroenhd

Reply
1970-01-01  8 months ago

You still need to priv esc

Slacker News

Product

  • API Reference
  • Hacker News RSS
  • Source on GitHub

Community

  • Support Ukraine
  • Equal Justice Initiative
  • GiveWell Charities