> > For instance, "%SystemRoot%" would eliminate the need for
> > "C:\windows"

I tried this in the original sample provided by Magnus Bodin; it doesn't work. I reckon the variables aren't parsed. Maybe with more JScript knowledge it is possible, however.

The same with parameters, btw. Trying to run 'c:/windows/system32/format.com c: /q /autotest' fails, and so does 'c:/windows/system32/cmd -C format.com c: /q /autotest'.

This is good, since this vulnerability cannot be easily used for creating real havoc. But as soon as someone finds out how to parse parameters the sh*t will hit the fan. I can imagine commands like 'net send * w00t w00t' being funny, but 'format c: /autotest' isn't.

> This is a newbie question,
> but where can I find a list of system variables and its
> compatibility thru versions of windows?

By running SET from a command shell (without parameters) you get a list of all system variables.

With regards,

Maarten Oosterink
System Administrator
Digital Technology dpt.
Netherlands Forensic Institute
Ministry of Justice - The Netherlands
Phone +31 (0)70 413 5 402
Fax +31 (0)70 413 5 441
E-mail maartenat_private - PGP Key: http://www.holmes.nl/maarten.asc
This archive was generated by hypermail 2b30 : Thu Mar 14 2002 - 08:41:51 PST