mailing list archives
Re: Exploit: Windows95/98/ (NT?) Autorun
From: aleph1 () NATIONWIDE NET (Aleph One)
Date: Tue, 26 May 1998 14:36:00 -0500
This is a summary of this thread. I am killing it here.
Craig Ozancin <cozancin () axent com> informs us that that Windows NT will
not perform the AutoRun function while the screen saver is active.
Ansar Mohammed <amohammed () carib-link net> points out that the AutoRun
feature is disabled on floopies disks by default.
Matt Hallacy <poptix () INGS COM> points out that the are commercial products
that exploit this feature to unlock workstations. For example
Axon <axon2017 () students johnco cc ks us> show us how to disable the
1) Get to the "System" Control panel. This is accessible by right
clicking on the "My Computer" icon and selecting "Properties" or by
selecting "System" from the control panel.
2) Choose the "Device Manager" tab in the System Properties window, and
Expand the "CDROM" branch by clicking on the + next to it. This will
display all CD-ROM devices attached to your computer.
3) Select a CD-ROM drive, then click on the "Properties" button. This
brings up the "CD-ROM Properties" window. Select the "Settings" Tab.
4) The Checkbox labeled "AutoInsert Notification" is what controls
AutoRun. Make sure it is unchecked, then click OK, then Click OK again
in the System Properties window. When you restart, your CD-ROM Should
not AutoRun anymore.
Matt Hallacy <poptix () INGS COM> points out that the Windows 95 screen saver
password is easily decrypted. You can find several programs that will
print out the password. For example:
ftp://null.angel.nu/projects/95sscrk.zip. He also points out the most of
the time the screen saver password is identical to the login password
to the machine and other services.
Aleph One / aleph1 () dfw net
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
- Re: Exploit: Windows95/98/ (NT?) Autorun Aleph One (May 26)