Full Disclosure mailing list archives
Re: Microsoft Windows keybd_event validation vulnerability
From: "cy.wang" <wangchunying () snda com>
Date: Wed, 7 Sep 2005 09:21:56 +0800
hi what's the effect of this 'vulnerability' ? it seems that messages can't be carried from a USER desktop to a prerogative desktop . Regards, c.y. wang security analysis engineer Shanda Interactive Entertainment Co. Ltd, Shanghai, China. Phone: +86-21-50504740-5046 Email: wangchunying () snda com ----- Original Message ----- From: "Jerome Athias" <jerome.athias () free fr> To: "Frederic Charpentier" <fcharpen () xmcopartners com> Cc: <bugtraq () securityfocus com>; <full-disclosure () lists grok org uk> Sent: Tuesday, September 06, 2005 7:20 PM Subject: Re: [Full-disclosure] Microsoft Windows keybd_event validation vulnerability
It was posted by Andres Tarasco to full-disclosure allready Additionaly: 1) french version of the advisory: http://www.athias.fr/alertes-bulletins-securite/20050905_Microsoft.Windows_Validation.keybd_event.html 2) I use to use this trick to obtain SYSTEM privileges with just ADMIN privileges: AT 20:00 /INTERACTIVE cmd.exe Cheers, /JA
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft Windows keybd_event validation vulnerability Andres Tarasco (Sep 05)
- RE: Microsoft Windows keybd_event validationvulnerability Debasis Mohanty (Sep 06)
- Re: Microsoft Windows keybd_event validationvulnerability Frederic Charpentier (Sep 06)
- <Possible follow-ups>
- Microsoft Windows keybd_event validation vulnerability Frederic Charpentier (Sep 06)
- Re: Microsoft Windows keybd_event validation vulnerability Jerome Athias (Sep 06)
- Re: Microsoft Windows keybd_event validation vulnerability cy.wang (Sep 07)
- Re: Microsoft Windows keybd_event validationvulnerability Dave Korn (Sep 06)
- Re: Microsoft Windows keybd_event validation vulnerability Ansgar -59cobalt- Wiechers (Sep 07)
- Re: Microsoft Windows keybd_event validation vulnerability Jerome Athias (Sep 06)
- RE: Microsoft Windows keybd_event validationvulnerability Debasis Mohanty (Sep 06)