oddly enough, I was just doing a little light reading over lunch just now. and flipped through and on page 145 in Hacking Exposed 4th edition. this page covers this very topic. the Screen Saver - CD Autorun vulnerability. You can load any program onto a cd such as Back Orafice or NetBus. And create a auto run file and point it to the NetBus server.exe and it will run any program specified in the autorun file. In the book they mention a utility to run with the autorun file 95sscrk from http://users.aol.com/jpeschel/crack.htm there's also mention of another SSBypass from http://www.amecisco.com/ssbypass.htm for $40. I haven't tried doing this under 2k but I'm assuming it doesn't affect 2k. as they say in the book that the cure for this problem in NT and 98 is an upgrade to 2k. .... --------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue May 13 2003 - 16:33:47 PDT