Vulnerability Development mailing list archives
Re: Crashing Win9x with smbclient - But NT & W2K?
From: magusbaal () MINDSPRING COM (Magus Ba'al)
Date: Mon, 27 Mar 2000 04:29:53 -0700
I have tried it on Win2K Professional, Server and Advanced Server and could NOT get the con/con (or any other for that matter) to crash, blue screen, affect the system in anyway (such as memory usage, memory usage, response time, etc.), or at least noticably anyway, I've been testing it for the past few days and I haven't had to restart the boxes at all. "He who fights with monsters should look to it that he himself does not become a monster...when you gaze long into the abyss the abyss also gazes into you." -Friedrich Nietzsche "Push and you will find resistance, lead and you will find followers" - Unknown Author ----- Original Message ----- From: "Bluefish" <11a () GMX NET> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Sunday, March 26, 2000 10:01 PM Subject: Crashing Win9x with smbclient - But NT & W2K?
The exploit of con\con has so far only been adressed to the singleuser versions of Windows (Win9x), but a quite more interresting topic is weather the attack can be carried out on NT and Win2k systems. My idea is that initial testings might incorrectly lead to the assumption that those systems were invulnerable because NT typically use NTFS and the bug was related to the VFAT module. Could be interresting to know if someone with access to different NT/Win2K builds could test if there's any problem with asking for e.g. d:\con\con if d: is your VFAT partion. (sorry, don't have NT installed on any of my machines) ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- Re: Intel Corporation, Express 550F Switch unlimited password attempts, (continued)
- Re: Intel Corporation, Express 550F Switch unlimited password attempts rpc (Mar 15)
- Re: Intel Corporation, Express 550F Switch unlimited password attempts David Schwartz (Mar 19)
- CGI directory path NiGHTfly (Jul 07)
- Re: CGI directory path Vladimir Dubrovin (Mar 20)
- Re: CGI directory path mock () ACTIVESTATE COM (Mar 20)
- Re: Intel Corporation, Express 550F Switch unlimited password attempts rpc (Mar 15)
- Re: Crashing Win9x with smbclient Marc (Mar 14)
- Re: Crashing Win9x with smbclient Drew (Mar 14)
- Re: Crashing Win9x with smbclient Edsel Adap (Mar 15)
- Re: Crashing Win9x with smbclient Bluefish (Mar 20)
- Crashing Win9x with smbclient - But NT & W2K? Bluefish (Mar 26)
- Re: Crashing Win9x with smbclient - But NT & W2K? Magus Ba'al (Mar 27)
- Re: Crashing Win9x with smbclient - But NT & W2K? vventura () SIA PT (Mar 27)
- Re: Crashing Win9x with smbclient - But NT & W2K? Kenneth Ish (Mar 27)
- Re: Crashing Win9x with smbclient - But NT & W2K? Stefan Fritsche (Mar 29)