Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft Windows keybd_event validation vulnerability

From: "cy.wang" <wangchunying () snda com>
Date: Wed, 7 Sep 2005 09:21:56 +0800
hi

    what's the effect of this 'vulnerability' ?
    it seems that messages can't be carried from a USER desktop to a prerogative desktop .

Regards,

c.y. wang
security analysis engineer
Shanda Interactive Entertainment Co. Ltd, Shanghai, China.
Phone: +86-21-50504740-5046
Email: wangchunying () snda com
  
----- Original Message ----- 
From: "Jerome Athias" <jerome.athias () free fr>
To: "Frederic Charpentier" <fcharpen () xmcopartners com>
Cc: <bugtraq () securityfocus com>; <full-disclosure () lists grok org uk>
Sent: Tuesday, September 06, 2005 7:20 PM
Subject: Re: [Full-disclosure] Microsoft Windows keybd_event validation vulnerability



It was posted by Andres Tarasco to full-disclosure allready

Additionaly:

1) french version of the advisory:
 http://www.athias.fr/alertes-bulletins-securite/20050905_Microsoft.Windows_Validation.keybd_event.html

2) I use to use this trick to obtain SYSTEM privileges with just ADMIN
privileges:

AT 20:00 /INTERACTIVE cmd.exe

Cheers,
/JA

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: