lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue May 31 22:22:14 2005 From: bkfsec at sdf.lonestar.org (bkfsec) Subject: [Windows XP] possible privilege escalation Pif Gadget wrote: > >> are you sure you didn't launch wmplayer form the setup process >> (something >> like: start wmplayer when setup is complete). > > > Hmm, the setup program (.exe which runs an .msi) installs a classic > "annoying" developpement app (the other day it was some Microsoft > Office suite product). I doubt it would launch WMP for any reason, if > it's what you meant. > To get rid of the doubt, I just retried the installation process being > logged in as Admin, and nope, it didn't launch WMP. > > > Just guessing here, but is it possible that the setup program could have tried to take ownership of the running process in order to ensure that an installation started in this way would complete successfully? I'm not sure precisely how this could be done or that it would have been done in this package, but it makes the most sense out of any scenario that I can think of. In either case, I'm not sure that it's a privelege escalation per-se for the reason that it required you having the administrator account in the first place to be able to escalate the process' priveleges. Where that could be dangerous is if an administrator got tricked into running an executable that escalated the priveleges of a malicious program, but once you get them to run that type of code you've got other options available to you that will probably be easier to utilize. Not that I can't see this being used in nasty ways or anything... -Barry
Powered by blists - more mailing lists