[Gambas-user] Gmail Attachment Pipe
Christof Thalhofer
chrisml at deganius.de
Fri Feb 26 01:07:02 CET 2021
Am 18.02.21 um 07:19 schrieb Brian G:
> I mean just figuring out how to bypass the filters
Bypassing the filter is not enough. If you're bad you also have to make
sure that the file will be executable and let it be executed by the user.
Gmails 'AI' filter is not intelligent enough to detect if the code can
be executed or not. I guess, it only detects a compression format, seems
to be able to uncompress it and then finds some 'Basic' code in it. And
then it decides to block the mail. The intention is to block all these
office macro hacking attmpts.
You can bypass such a silly filter in multiple ways, that's not a
problem. The problem is to make the user unpack and execute the
malicious code if you intend to hack the user's computer.
Alles Gute
Christof Thalhofer
--
Dies ist keine Signatur
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.gambas-basic.org/pipermail/user/attachments/20210226/b3f0cecc/attachment.sig>
More information about the User
mailing list