lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: tux at penguinnetwerx.net (Kevin Reiter)
Subject: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER

<snip>

: Windows Explorer is an advanced browsing tool made by Microsoft. It is used
: in daily tasks to open folders, copy files, delete files, rename files and
: view files on a system. It is the foundation of the World Wide Web and used

OK, we need to figure out which "Explorer" this guy is talkin' about - Internet
Explorer or Windows Explorer.

: Shogun Suzuki discovered that a remote user can connect to any machine via
: numerous exploits and use Windows Explorer to view files, rename files,
: delete files, change permissions on files stored on a remote machine that
: has been pwned.

..such as ...????  (HINT:  What 'sploits?)

: On a command prompt: del C:\WINDOWS\explorer.exe

Erm...sure...OK.   But what happens when the poor sucker reboots the box and
discovers the O/S is inop (provided the O/S even lets you delete the file in the
first place, since explorer.exe is the shell ...)?

Sorry, but this was the very first post I saw after I joined this list a little
bit ago, and I couldn't resist a few comments.  Is this guy for real, or is this a
joke?

-K

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ