[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Windows user privileges

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] Windows user privileges
From: rp <lists@xxxxxxxxxxxxxxxx>
Date: Mon, 22 Nov 2004 16:17:10 -0500

At 12:43 PM 11/22/2004, you wrote:

Are we able to run Explorer.exe using runas utility...
Of course. You can run any binary using runas. You may have to use absolute paths, but that's a minor inconvenience.

Just to clear that up, depending which script/utility you are using to initiate the code you can use: %windir%\explorer.exe

I remember dissecting a bit of malicious code attached to an email about 6 years ago. I remember thinking 'whoever wrote this can't be older than 12'. It had hardcoded c:\windows\...blah blah blah and c:\win95..blah blah blah I guess these were attempts to cover their bases. Why not just use %winnt% or %windir%? I adjusted the script with %windir%and it worked (I think it might have been WSH, but that would be Win98, but in any case I remember it worked).

rp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Windows user privileges
  - From: Sandeep Singh Rawat
- RE: [Full-Disclosure] Windows user privileges
  - From: Paul Schmehl

Prev by Date: Re: [Full-Disclosure] Certifications
Next by Date: [Full-Disclosure] iDEFENSE Security Advisory 11.22.04: Sun Java Plugin Arbitrary Package Access Vulnerability
Previous by thread: RE: [Full-Disclosure] Windows user privileges
Next by thread: RE: [Full-Disclosure] Windows user privileges
Index(es):
- Date
- Thread