Bugtraq mailing list archives

NT TS / Win 2K and F7 - Enter bug


From: <liamh () spook thevenue org>
Date: Tue, 31 Jul 2001 22:44:10 -0700 (PDT)

I've got this working, albeit differently, on Win NT/Terminal Server, and
2K Terminal server. Here's an interesting little obfuscation exploit that
works:

1) Log on to TS
2) run cmd.exe
3) do the F7 - Enter exploit

This hangs the cmd.exe window, and this task cannot be ended normally.

Now:

4) Log on as an administrator
5) Bring up Terminal Server Administration
6) Log off the user above

The user will disappear from the list.

However, the user will still be logged on!
Not only that, but the user can continue to execute commands (except
cmd.exe) for about 1/2 hour (didn't time it, so I'm not 100% sure).

Also note, Terminal Server Administration may hang in this state when you
try to do a user list.

Cheers,
Liam

