Vulnerability Development mailing list archives
Re: Winnt/Win2k Vuln ?
From: "J.D. Meek" <jdmeek () edgenet com>
Date: Fri, 10 Aug 2001 15:04:11 -0500
Works on Win2k SP2 as well. This could cause some mischief. ;-} J.D. "Rio Martin." wrote:
I could confirm this, as long as you put executeable file in desktop, then you will be able to open it. Extension .BAT wont run. Only .COM will run. I also try to rename the file to www.somekind.org and it just showing "Open With ..." window. Regards, Rio Martin. http://marsud.org/ _ "Red Pantz" <redpantz () crackdealer com> wrote something like this:Hello all, I have found that if you name a file (can be any data file) a certain URL,on your desktop, and then g0 to IE and type that url, the web site will not come up, only the program that was named the certain.confusing?i.e. - copy autoexec.bat to ..\desktop - rename autoexec.bat to www.google.com (can be any url) - then go to IE and type "www.google.com" - your batch file is then ran a few issues i have w/ this is: - the prog will only run if it is on your desktop - if you type "http://www.google.com", for example it will not run(unless u name your file the same thing) - it has only been tested on Win2k SP1, Winnt 4.0 SP6a w/ IE 5.5 - it doesn't seem to have any privelage escalation (all progs are run asthe current user logged on)Just want a few others to try it and see wut they think thanx alot redpantz
Current thread:
- RE: Winnt/Win2k Vuln ?, (continued)
- RE: Winnt/Win2k Vuln ? Thomas Reagan (Aug 10)
- Re: Winnt/Win2k Vuln ? Thor (Aug 10)
- RE: Winnt/Win2k Vuln ? Thomas Reagan (Aug 10)
- Re: Winnt/Win2k Vuln ? Felipe Franciosi (Aug 10)
- Re: Winnt/Win2k Vuln ? sween (Aug 10)
- Re: Winnt/Win2k Vuln ? Vulnerability Development (Aug 10)
- Re: Winnt/Win2k Vuln ? Kaneda Akira (Aug 10)
- Re: Winnt/Win2k Vuln ? Rio Martin. (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? Fab Siciliano (Aug 10)
- Re: Winnt/Win2k Vuln ? sween (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? J.D. Meek (Aug 10)
- Re: Winnt/Win2k Vuln ? Kaneda Akira (Aug 11)
- Re:Winnt/Win2k Vuln ? Thiago Campos (Aug 10)
- RE: Winnt/Win2k Vuln ? JKlemenc (Aug 10)
- Re: Winnt/Win2k Vuln ? martin . goudreault (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- RE: Winnt/Win2k Vuln ? David Schwartz (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)
- Re: Winnt/Win2k Vuln ? Ben Ford (Aug 10)
- Re: Winnt/Win2k Vuln ? Kevin Gagel (Aug 10)
- Re: Winnt/Win2k Vuln ? Meritt James (Aug 10)