RE: directory traversal

["Shane Miller" <SMiller () suntech com>]

Simply put, Cmd.exe is different then Command.com. Notice the header on
your W2K machine when you start/run/cmd vs command.
Command.com is a 16-bit command interpreter program. Cmd.exe is a 32-bit
win32 application. Notice long file/directory name handling between the
two by experimenting with 'cd' command. 

HTH
Shane
  

> -----Original Message-----
> From: Jim Nanney [mailto:jnanney () datasync com] 
> Sent: Tuesday, February 05, 2002 4:29 PM
> To: Strumpf Noir Society
> Cc: vuln-dev () securityfocus com
> Subject: Re: directory traversal
>
>
> I'm just a lurker here, but a simple thought...
>
> I saw this and thought well it probably has to do with 
> cmd.exe of win2k
>
> On my win2k machine using cmd.exe:
> ************************************
>
> C:\>cd winnt\system32\drivers
>
> C:\WINNT\system32\drivers>cd \...\
>
> C:\>
>
> on my win98 machine using command.com
> *************************************
>
> C:\>cd windows\system32\drivers
>
> C:\WINDOWS\SYSTEM32\DRIVERS>cd \...\
> Bad command or file name
>
> C:\WINDOWS\SYSTEM32\DRIVERS>
>
> Can't give you reasons why, but given the little information 
> supplied I would bet it would be system calls opening a shell 
> and thus the reason for the /.../ working on win2k and not 98.
>
> --Jim Nanney
>
>
> On Tue, 5 Feb 2002, Strumpf Noir Society wrote:
>
> > Hi,
> >
> > Does anyone know any reasons why a good ol' "triple dot" directory 
> > traversal ("/.../") would succeed on Win2k only and not for 
> example on 
> > Win9x systems running the exact same application and configuration?
> >
> > Much obliged :)
> >
> > Thejian
> >
> > --
> > Best regards,
> >  Strumpf Noir Society                          
> mailto:vuln-dev () labs secureance com
> > "Mere 
> accumulation of observational evidence is not proof."
> > -- Death, "The Hogfather"