Re: Crashing Win9x with smbclient - But NT & W2K?

[s_fritsche () YAHOO COM (Stefan Fritsche)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

seen so much about the con\con so called 'attack' here is wat i
found most recently in the german issue of a computer-magazine
(c't):

It says clearly that it has to make with old dos-behavior and
reserved device names (nul\nul in place of con\con should work as
wel). Windows is able to catch a call like c:>con but fails if you
add a sub-directory to look up.
Because this is an inheritet behaivior of dos it didn't work with any
NT.

For US-versions of windows 9x is a patch available at
http://microsoft.com/technet/security/bulletin/ms00-17.asp

hope i'm not to far off for bugtraq,
        Stefan Fritsche

> Testing on a Win2k with VFAT produced the same response as NT:
>
> C:\>dir con\con
>
>  Directory of \\.
>
> File Not Found
>
> I would assume this is probably because it is built (at least so the splash
> screens say) on the same technology as Windows NT.  Windows NT on VFAT does
> also produce the same result.
>
> Kenneth Ish
> Check Point Software

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2 -- QDPGP 2.61a

iQA/AwUBOOI9/EdBbLbcybcqEQK7NQCgj7Gt4QRRnVayFosLYX8BkM17h/gAoJjR
HBmmLgJLQceNu1e02t/LCxgo
=Hysj
-----END PGP SIGNATURE-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Personal Privacy 6.5.2

mQGiBDiYoX8RBADbVakNbCYZZ3vyghztGNlDm67DwFL7sEeGQ/aoZNfr3Zr8kPdC
SeuapdeGgZRsOY1eb1xGZZ2MCywtXmvIXM81GnfDbjaIDiqjBEONrJH0cn9GK2lb
wkAuYorRFCXFRCCFfzpfZrIBLUPXcb6Q0CPS0I5xfve5ftub0yeOH06EXQCg/3mV
ktG/ptyY3N7+7rahERnMHREEAIEvvO0XbYLwZ4CQx1EWCmsVni74VM1fPkpiNCSb
9RjCFA71mV4PaGKXyCQxFrM6+NvG2pDvI2XfTScppP0noVeyGQM/5h6I9fSaBFiK
F7VOLu+Lm/c8UX/Ysm/Ukxnw+C4rl+KS1KV6XFSabFaiG8PzGoOZQInAhD0gnttB
Mb2cA/9jnNtDwC0AJxUozlDzddDtqfQu8TZvXIxyVzmLxkLgOLTm2mOhsUE0sC6e
bBBMtq6l7Y8AyszGlKHErofdUsViOU0HxFWiBADf4FJBmouhlyeHh6tK/SAtQln4
ze/Yk+cSQYbJV7cBqkwkynaSG902M3XiYNT9u48JKEVv1Nh1j7QmU3RlZmFuIEZy
aXRzY2hlIDxzX2ZyaXRzY2hlQHlhaG9vLmNvbT6JAE4EEBECAA4FAjiYoX8ECwMC
AQIZAQAKCRBHQWy23Mm3KjvRAKCzuvhCrei2SgZ/9szznPEgLScVZgCg+ahls/mS
+LuuYHnrSKeieGKejDW5Aw0EOJihfxAMAMwdd1ckOErixPDojhNnl06SE2H22+sl
Dhf99pj3yHx5sHIdOHX79sFzxIMRJitDYMPj6NYK/aEoJguuqa6zZQ+iAFMBoHzW
q6MSHvoPKs4fdIRPyvMX86RA6dfSd7ZCLQI2wSbLaF6dfJgJCo1+Le3kXXn11JJP
mxiO/CqnS3wy9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
CD1mpF1Bn5x8vYlLIhkmuquiXsNV6UwybwACAgv+LBP9Kc/V7yXGCQmnN1kFbzGK
7+d540dJM0ZCEgSILXCJo//Z1a5r+RweqByvP4X4ZttxAkSLZ2RLSbmQbM/4AB7b
q9/7tB2Zl8pdaB5k+mVFXrl49ZkIeB/IkTxi3negPKO6Edxz5LPpz3cztW6CzkSN
E9uLLPoVRYYXXT0jsOoOmsJWjnnFJLGo+6Z/xBbrfBB75/3a4FgyiPcXy2G28o+0
zQW7EtkfRaEAEcen97BKZyu3JSMWR42OeHX6Xk8//lhe0s139qYBpiDUbAZBCEUA
t57eiBl7b27b/0grjtjf093E7mNlenML5o2HNWBmpW5T2gbjwHz+iMGWMxbF958V
j7YoAF+/JqLqeuXIuvOpt8lixkFQ8bEch1uUDjE/5ZdIS6/yR1PSGAoFTpY2dhDf
zfPd7nuQaKbapiq+e54Jz+DKlHiIYszfqWFINYlyIRcw11SaoJIBYuk97cp32iNA
FXFTgCrlaRqLxBWP8RXtinY7dEYgS3aKywS/S+o5iQBGBBgRAgAGBQI4mKF/AAoJ
EEdBbLbcybcq7hgAn2KGcBakwq4300FTkLkZ2XZANoaIAJ9OB8PMAklpmcc+buf8
Ho6/4lL0pQ==
=MpRG
-----END PGP PUBLIC KEY BLOCK-----