Re: Winnt/Win2k Vuln ?

From: Fab Siciliano (fsicilianoat_private)
Date: Fri Aug 10 2001 - 18:46:47 PDT

Next message: Ben Ford: "Re: Winnt/Win2k Vuln ?"

Previous message: H C: "Re: Intrusion Automation"
In reply to: Kevin Gagel: "Re: Winnt/Win2k Vuln ?"
Next in thread: sween: "Re: Winnt/Win2k Vuln ?"
Next in thread: J.D. Meek: "Re: Winnt/Win2k Vuln ?"
Reply: sween: "Re: Winnt/Win2k Vuln ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

How is this a vulnerability?
I am still prompted to whether I want to save the file to disk, or run it 
from it's current location. The file just doesn't execute unless you want 
it to.

-Fab


At 03:34 PM 8/10/2001, Kevin Gagel wrote:
>You are incorrect.
>I am using win2k pro with sp2.
>I created a batch file and saved it to my desktop. It simply echoed
>hello.
>I renamed it to our web site with a .bat on the end.
>Then in IE addressbar I typed the www address of our web site and the
>batch file ran.
>
>"Rio Martin." wrote:
> >
> > I could confirm this, as long as you put executeable file in desktop, then
> > you will be able to open it. Extension .BAT wont run. Only .COM will run.
> > I also try to rename the file to www.somekind.org and it just showing "Open
> > With ..." window.
> >
> > Regards,
> > Rio Martin.
> > http://marsud.org/
> >
> > _
> > "Red Pantz" <redpantzat_private> wrote something like this:
> > > Hello all,
> > > I have found that if you name a file (can be any data file) a certain 
> URL,
> > on your desktop, and then g0 to IE and type that url, the web site will not
> > come up, only the program that was named the certain.confusing?
> > > i.e.
> > > - copy autoexec.bat to ..\desktop
> > > - rename autoexec.bat to www.google.com (can be any url)
> > > - then go to IE and type "www.google.com"
> > > - your batch file is then ran
> > > a few issues i have w/ this is:
> > > - the prog will only run if it is on your desktop
> > > - if you type "http://www.google.com", for example
> > >   it will not run(unless u name your file the same thing)
> > > - it has only been tested on Win2k SP1, Winnt 4.0 SP6a w/ IE 5.5
> > > - it doesn't seem to have any privelage escalation (all progs are run as
> > the current user logged on)
> > > Just want a few others to try it and see wut they think
> > > thanx alot
> > > redpantz
> > >
>
>--
>=============================
>Kevin W. Gagel
>Network Administrator
>College of New Caledonia
>gagelat_private
>(250)561-5848 loc. 448
>=============================

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Fab Siciliano
Networks and Security
Tel - 215.712.6200 Ext. 312
Optium, Inc.
"Break-Through Technology for Optical Transmission"
http://www.optiumcorp.com
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Next message: Ben Ford: "Re: Winnt/Win2k Vuln ?"
Previous message: H C: "Re: Intrusion Automation"
In reply to: Kevin Gagel: "Re: Winnt/Win2k Vuln ?"
Next in thread: sween: "Re: Winnt/Win2k Vuln ?"
Next in thread: J.D. Meek: "Re: Winnt/Win2k Vuln ?"
Reply: sween: "Re: Winnt/Win2k Vuln ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 19:43:43 PDT