Re: Windows Shellcode - Using Detached_Process flag

Date: 03/09/03

  • Next message: Andres Roldan: "Re: Why SUID Binary exploit does not yield root shell?"
    To: helmut schmidt <>
    Date: Sun, 09 Mar 2003 16:58:48 -0500

    On Sun, 09 Mar 2003 13:08:40 GMT, helmut schmidt <> said:

    > Some commands like DIR work ok, but most others create a windows on the
    > vulnerable machine instead of displaying back to my remote shell. For
    > instance if I ping another machine, a visible window opens on the vulnerable
    > machine - I see the ping results in this window then the window closes. So
    > this is only half working.
    > Does anyone know why this odd behaviour is happening ? How can I program
    > this to be 100% successful ? A bit of c code would be helpful if anyone
    > would be kind enough to share it.

    Windows doesn't have a very good grasp on the idea that programs should have
    line-mode variants, so many things come in GUI-only variants.

    How to pipe the output of these back to your machine *without* the use of
    VNC or the Unix world's X Windows or similar is a Very Hard Problem.

    				Valdis Kletnieks
    				Computer Systems Senior Engineer
    				Virginia Tech

  • Next message: Andres Roldan: "Re: Why SUID Binary exploit does not yield root shell?"

    Relevant Pages

    • Re: Cant view certain websites....the firewall maybe?
      ... Did you try entering that telnet command in your command window? ... About the only thing ping is still ... >> A more reliable way to test connectivity is to use your telnet client. ...
    • Re: .bat file for "keep open ping" not working after WinXPsp2 clea
      ... simply remained blank for about 30 sec then gave an error message: ... pinged or accessed the internet connection before it gave the error messages. ... The cmd.exe window ... Can someone tell me how to get a .bat file to work in order to Ping - ...
    • Re: Shell from HTA ???
      ... I wrote my own "ping" function and it looks very similar to this one, ... the console window generated by the Exec method (which is always ... > to see if the remote computer is online. ... > torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway ...
    • Couple General Questions (Not off topic too much)
      ... Is it possible for an ISP to block traceroute requests and ping ... like just the basic stuff i need and X with one or two window managers, ...
    • Lost ability to connect to internet with cable/router
      ... First thing you need to do is to try and ping the internal ... Open a command window, click start ... runs from your network card to your router. ... address, go to one of your computers that is working, type ...