From: Sean Crawford (sean01accnet.com.au)
Date: Mon Oct 04 2004 - 14:06:31 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alex Wrote-------------->

---> Oooo my...
---> Got around 12 of win32 executable crashes on my Win2K server with all
---> patches...
---> This is much better tool that MS Baseline Security analyzer :-(

Alex I don't know why you would run it on a working server??.....did you
want to reboot anyway or something?.

It's not exactly pen testing..

So what did you learn?

Thanks.
Sean.

---> From: "Berend-Jan Wever" <skylinededup.tudelft.nl>
---> To: <full-disclosurelists.netsys.com>
---> Sent: Monday, October 04, 2004 11:39 AM
---> Subject: [Full-Disclosure] Test your windows OS
--->
--->
---> > Hi all,
---> >
---> > Wanna do a quick test to see if the programmers that wrote
---> your windows
---> operating system have any clue as to what there doing ? Run
---> these commands
---> from cmd.exe in the system32 directory:
---> >
---> > for %i in (*.exe) do start %i
---> %n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n
---> > for %i in (*.exe) do start %i
---> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.... (type as much "A"-s as
---> cmd.exe allows on one line.)
---> >
---> > Each command will execute every program in your system32
---> directory, most
---> of them will either ignore the parameter or report an error because the
---> parameter doesn't make sence... But on my win2k system I found
---> 6 programs
---> vulnerable to these very simple formatsting and BoF tests....
---> grpconv even
---> gives EIP 0x00410041, can it be any easier?
---> >
---> > These are not vulnerabilities in itself: you cannot gain
---> access or elevate
---> priviledges but I just wanted to let you know that these
---> programmers did a
---> sloppy job.
---> >
---> > Cheers,
---> > SkyLined

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]