Bugtraq mailing list archives
Re: Exploit: Windows95/98/ (NT?) Autorun
From: aleph1 () NATIONWIDE NET (Aleph One)
Date: Tue, 26 May 1998 14:36:00 -0500
This is a summary of this thread. I am killing it here. Craig Ozancin <cozancin () axent com> informs us that that Windows NT will not perform the AutoRun function while the screen saver is active. Ansar Mohammed <amohammed () carib-link net> points out that the AutoRun feature is disabled on floopies disks by default. Matt Hallacy <poptix () INGS COM> points out that the are commercial products that exploit this feature to unlock workstations. For example http://www.ips-corp.com/ssunlock.htm Axon <axon2017 () students johnco cc ks us> show us how to disable the AutoRun feature: 1) Get to the "System" Control panel. This is accessible by right clicking on the "My Computer" icon and selecting "Properties" or by selecting "System" from the control panel. 2) Choose the "Device Manager" tab in the System Properties window, and Expand the "CDROM" branch by clicking on the + next to it. This will display all CD-ROM devices attached to your computer. 3) Select a CD-ROM drive, then click on the "Properties" button. This brings up the "CD-ROM Properties" window. Select the "Settings" Tab. 4) The Checkbox labeled "AutoInsert Notification" is what controls AutoRun. Make sure it is unchecked, then click OK, then Click OK again in the System Properties window. When you restart, your CD-ROM Should not AutoRun anymore. Matt Hallacy <poptix () INGS COM> points out that the Windows 95 screen saver password is easily decrypted. You can find several programs that will print out the password. For example: ftp://null.angel.nu/projects/95sscrk.zip. He also points out the most of the time the screen saver password is identical to the login password to the machine and other services. Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- Re: Exploit: Windows95/98/ (NT?) Autorun Aleph One (May 26)
- Re: Exploit: Windows95/98/ (NT?) Autorun Adam Shostack (May 26)
- Windows95/98(?) Screensavers CrazyLinux (May 26)
- <Possible follow-ups>
- Re: Exploit: Windows95/98/ (NT?) Autorun Christian Groessler (May 28)