Re: Auto-Run CD - Disabling Screensavers

From: Chris Hall (chall_at_verio.net)
Date: 03/13/03

Next message: Dieter Sarrazyn: "RE: Pen-Testing Windows from Solaris"

Previous message: Nicolas Gregoire: "Re: Mail Server testing"
In reply to: jjohnmck_at_bigpond.net.au: "Auto-Run CD - Disabling Screensavers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 13 Mar 2003 12:06:11 -0600
To: "jjohnmck@bigpond.net.au" <themac@bigpond.net.au>

[themac@bigpond.net.au] Mon, May 12, 2003 at 05:37:47PM +0800 wrote:
> I read somewhere (a while back on this list) that a CD burnt tool
> exists to disable the password protected screen savers on workstation
> (or server) if the CD Auto run setting is enabled on that machine...
>
> Does anyone know of the link for this resource?
>
> Systems : Windows 2000 workstations
>
> Regards,
> Nick
>
>

There is/was an issue with using the cd autorun feature on Win9.x/NT that was
enabled by default. Bascily, one can just create a CD with a autorun.inf file
to run whatever. I am not sure if Win2k is affected by this.

http://www.securityfocus.com/archive/1/47338/2003-05-10/2003-05-16/1
http://www.securityfocus.com/bid/993

It should be fairly easy to create your own to do whatever. Looking back
through the archives, here is one example.

http://www.securityfocus.com/archive/101/155392/2001-01-08/2001-01-14/2

I do remember quite a few "tools" floating around, but couldn't locate any
googling, course i really didn't spend a whole lot of time looking either. :)

-- 
Thanks,
- Chris Hall
  "The growing use of e-mail, not to mention Web-page publishing, threatens 
to reverse the trend towards illiteracy among the supposedly educated without, 
at the same time improving their spelling".
                                               -- Michael Swaine, Dr. Dobb's Journal
---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

Next message: Dieter Sarrazyn: "RE: Pen-Testing Windows from Solaris"

Previous message: Nicolas Gregoire: "Re: Mail Server testing"
In reply to: jjohnmck_at_bigpond.net.au: "Auto-Run CD - Disabling Screensavers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]