Does someone know of any .exe( or any other extension) file that once uploaded through ftp, tftp , or dropped through a network share , that would autoexecute itself?
I am pretty sure is possible! Or isn't?What kind of file would that be? A virus maybe?

Thanks!

Blooblehead.exe

Probably just right as my co-respondents may expand!

Off with his head

Blooblehead.exe

Probably just right as my co-respondents may expand!

Off with his head

I'm kinda partial to Queef.exe

I have experience of just such and I do indeed concur.

Quite right to add it to list!

I knew it! Keep your pants on little boys! It was just a question? :D haha!

I knew it! Keep your pants on little boys! It was just a question? :D haha!

Realizing it was just a question, but did you think it out before you asked it? Anything that runs on a computer is based upon an instruction from somewhere, whether it be from a Luser or from the OS. So just dumping a file on a harddrive and not providing an instruction from somewhere (SE in the case of the Luser, or adding it to the registry/startup in the case of the computer) is going to do no good.

Nothing on a computer runs own it's own.

Thank you Streaker69!

I know it sounded "script kiddie" like,not my intention.!It's related to an ftp account on my server that I will create for a buddy of mine and on open port through the firewall!
And to end this, 10q to you all!

Hmmm.....

Consider though that there are more numerous (and more graceful) ways of exploiting a (badly configured/poorly secured/flawed/unpatched) FTP server than simply dropping a file onto it and then running the file ;)

True that!:o

This is not a pentesting question so I am moving it to the general discussion area.

The questions you should be asking yourself are

Why am I setting up ftp access to my system for someone I obviously don't trust.

How secure is my system.

What bugs and vulnerabilities does the FTP server software have, and what dangers do they present.

AND

Why am I setting up ftp access to my system for someone I obviously don't trust.

Hello,

Moderators before insulting godcronos intelligence, his question is actually good..
Scripting or programming question?
The purpose of an FTPd is create a bridge between the client and server, so the client can transfer files that are going to be used for some purpose, no one asked what the purpose would be, if inside his share he has access to some web folder and the web server has some kind of server side scripting language (php, asp, etc..) all he has to do is upload the script than access it..........

I really dont know why people have to be so rude around here, when I downloaded BT and first booted it, the screen went black but nothing happend (because i had to press enter but my keyboard wasnt recognized), so I went to the IRC channel to see if I could get some help, well some @ I wont name, got my question wrong and told maybe I should "rm -rf /" to fix my error, i said "that wont work", another member of the channel that i also wont name said "rofl the idiot is probably trying rm -rf / from the live cd"...........

How would I get shell access if the O.S had didnt even started?

Even my pet monkey knows that.
sorry for my poor english................

I didn't read anything insulting in what balding parrot had to say. You on the other hand seem to have a bad attitude which is frowned upon. We are not mean by the way. The real point is this IS NOT a beginer linux forum. If you don't know squat about linux I recommend unbuntu as it is very gui friendly. I for one always answer a newbie question but I will add some sarcasm if it is something that could have been found with a simple google search or a little reading. I belive that we are extremely helpful with silly questions. So what are YOU bringing to our forum or did you just come to complain. serry fo me bad enlish.

Not moderators, sorry, I mean the Senior Members.....
Read your post again this is the kind of behavor i mean.

But hey suit yourself, its "your" forum.

yes and if you are not happy you still can go here (http://www.netstumbler.org) they are very kind in comparison of us :p

Wow...I can't believe that a question can turn into something like this.Hey,everybody has a point. Wuefez- you are right, everything is possible. About googling. I tried that first, because I knew that such a question would be answered with a little sarcasm and I will be probably looked at like a "s.kiddie".
And I read forums after forums.Some didn't seemed to have a full answer or no answer at all.The experts didn't bother, since SOME looked down on the so called "newbies" or "script kiddies" with disrespect. But they, I just hope I never become like that; I hope that I can pass on to the next "computer dude" some if not all of my knowledge. I really don't want to start having a bad rep for taking this sh?t too far.So I will just drop this subject.
This question about file infected file, that once dropped on a pc will open a port from inside out through my firewall has been bothering me for some time. And i was wandering if such a thing is possible.Remember, that the greatest threats are from inside out(a.k.a from users and such) and not from outside in.Because now that XP with SP2 came out(that as default has the firewall on) , I think that a lot of "crackers" are bothered. I "pentested" patched and unpatched Windows systems, with or without a firewall. I found shares, of course, Microsoft has been pretty good at keeping up with the latest flaws so some old techniques don't always work. And this is how my question was born.
Is it possible for somebody to drop through an FTP or share a "virus???" and take over your system? It can just execute a command at a certain time, or even when the user just double clicks on that damn file and launches a program that just waits for the cracker to connect to it. Instant shell ! Am I right?
That could have been an answer! But the expert didn't bother! Since this forum is about security, hacks or cracks, ideas people get to exploit new flaws , I thought I would give it a shot! Of course, I still trust all of you for future questions! One small thing won't ruin it all! FYI !
So please, let's all of us get back to our readings, cause damn this damn books are like over 300 pages and to your coding and pentesting and not argue about little stuff like that!

I thank you all for you time!:)

The answer to your question is YES. A infectious piece of malware can be transferred via ftp. As a rule of thumb anytime there is a service running on a open port in a "listning mode" it makes the machine more vunerable. The best plan of defense is to stay up on vunerabilities on bugtraq and other such sites. I'm so sorry you guys don't feel I am meeting your standard of helpfulness. If you have any more questions I'd be delighted to answer them.

I think you've been doing a great job so far! Everybody is no.1 in my book, but as we all know, not everybody is a happy person. I think the software is awesome and I read its getting better. You dudes rock! There will always be people that don't have something working properly and that's why we come to you all, that's why knowledge should be shared!
I respect people that deal with people, online or offline( in person, phone, etc). It's a tough job!
I sometimes think I was born tired!:)
Gotta go to bed!

I have reviewed your question.

Yes, it is possible to encapsulate one program inside another and to have it self executing. I have done such a thing and it is very effective. The target operating system was Windows. The result now is that Windows anti-virus programs find the signature of the program and report it as a virus potential and segregate it.

It can be transported into the target system by a number of means.

The most common means for involuntary transportation is by http.

The use of ftp is discouraged and SE Linux augmentation ensures that it is disabled by default.