Re: What about NT's AUTORUN Vulnerability!

["O'Kelly, Aidan" <okelly () XNET IE>]

A quick explanation, you can place an autorun.inf file on ANY drive, so if
you have permission to write to C:\ or D:\ or any local drive (by default
any user does, on NT4 and Win2k) and you can tell it to run an exe when that
drive is accessed. The autorun.inf gets processed when you open the drive in
'My Computer' (explorer.exe) so you can place a trojan or some code to add a
user to the admin group or whatever and make an autorun.inf that runs is,
and put it on C:\, then when the admin browses C:\ it will run. Im not sure
what MS did to fix this.

> -----Original Message-----
> From: Nelson Brito [mailto:nelson () SECUNET COM BR]
> Sent: 09 February 2000 17:06
> To: VULN-DEV () SECURITYFOCUS COM
> Subject: What about NT's AUTORUN Vulnerability!
>
>
> Hi developers,
>
> I have a question, does someone knows a little bit about "Windows NT's
> autorun.inf Vulnerability"?
>
> Note, it's not about CDROM's AUTORUN.INF, detailed in a lot of "NT's
> Checklists", it's about a autorun.inf file placed in other "mount
> point".
>
> Does someone have the BUGTRAQ's Discussion about this TOPIC?
>
> I wondered post some code I have made and talk about this problem.
>
> Sem mais,
> --
> Nelson Brito
> "Windows NT can also be protected from nmap OS detection scans thanks
> to *Nelson Brito* ..."
>               Trecho do livro "Hack Proofing your Network", página 93