Re: GetAd.exe testing

From: Fort _ (fort@linuxmail.org)
Date: 10/21/02


Date: 21 Oct 2002 13:39:53 -0000
From: Fort _ <fort@linuxmail.org>
To: focus-ms@securityfocus.com


('binary' encoding is not supported, stored as-is) In-Reply-To: <200210181958.g9IJwN3W069622@mailserver3.hushmail.com>

>
>Downloaded this:
>
>Security Advisory, Exploit Source and Compiled Binary:
>http://getad.chat.ru/
>
>Ran it as a user on a W2K server that had perms set on the cmd.exe to
Admins and System only....didn't work.
>
>The exploit does run correctly on a default install of W2K.
>
>Can anyone else confirm this. It'd be nice if seting perms on one file
would nullify this .exe
>
>Thanks,
>
>DWreck

Just tested it on Win2k PRO SP2, set cmd.exe to admin and system only,
logged in as guest, tried to run the exploit and it won't work.

teh only problem i can see with this is if you use logon scripts and such,
or you require cmd.exe for other reasons.

So yeah, your way does work :)



Relevant Pages

  • SUMMARY Slow NFS Service
    ... ('binary' encoding is not supported, ... Thanks to all admins that answered the question. ... I received several hints, but the one that really solved is to mount with parameter nfsv2. ... agora com POP3/SMTP e 120MB de espašo! ...
    (Tru64-UNIX-Managers)
  • Re: amount of alarms generated by IDS
    ... ('binary' encoding is not supported, ... >expected to generate much fewer FPs since admins don't have all the time in the ... >world to tune the rules unlike on a promiscuous mode device. ...
    (Focus-IDS)
  • GetAd.exe testing
    ... Hash: SHA1 ... Security Advisory, ... Ran it as a user on a W2K server that had perms set on the cmd.exe to Admins and System only....didn't work. ...
    (Focus-Microsoft)