Vulnerability Development mailing list archives
RE: Winnt/Win2k Vuln ?
From: "Red Pantz" <redpantz () crackdealer com>
Date: Mon, 13 Aug 2001 06:30:09 -0700
Jeremy, This is not case specific. You can run (almost) any file of your chosing. And the file being executed runs only w/ the permission that are already supplied for the user (so far ;) )
"Jeremy Rodriguez" <jrodriguez () intellinet-tech com>Cc: <vuln-dev () securityfocus com> RE: Winnt/Win2k Vuln ?Date: Fri, 10 Aug 2001 14:33:03 -0400 Regular users have read, read and execute permissions. Is the significance, that the autoexec.bat can be altered and then ran? How is this possible without write permissions? If one can alter it, then it could be exploited. -----Original Message----- From: Mike Duncan [mailto:security () randomtask net] Sent: Thursday, August 09, 2001 2:26 PM To: Red Pantz Cc: vuln-dev () securityfocus com Subject: Re: Winnt/Win2k Vuln ?- copy autoexec.bat to ..\desktop - rename autoexec.bat to www.google.com (can be any url) - then go to IE and type "www.google.com" - your batch file is then ranConfirmed on Win2K Pro SP1 (5.00.2195) with IE 5.50.4522.1800 (56-bit). Actually IE tried to download the www.google.com file probably because of the '.com' extension. I also went to START/RUN and typed in www.google.com and it tried to run it too (actually giving me an error about it was not a vaild Win32 App). -- Mike Duncan security () randomtask net http://www.randomtask.net "This is what happens when parents make their kids play with dried up Play-Doh." - Tim Mullen
------------------------------------------------------------ [- Get your own free e-mail @ http://www.crackdealer.com -]
Current thread:
- Re: Winnt/Win2k Vuln ?, (continued)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- Re: Winnt/Win2k Vuln ? Ben Ford (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- Re: Winnt/Win2k Vuln ? Ben Ford (Aug 10)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 11)
- RE: Winnt/Win2k Vuln ? Louis-Eric Simard (Aug 12)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 12)
- RE: Winnt/Win2k Vuln ? Louis-Eric Simard (Aug 12)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 11)
- Re: Winnt/Win2k Vuln ? sween (Aug 13)
- Re: Winnt/Win2k Vuln ? J. Bol (Aug 14)