Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: Windows user privileges
From: rp <lists () domain-logic com>
Date: Mon, 22 Nov 2004 16:17:10 -0500

At 12:43 PM 11/22/2004, you wrote:

Are we able to run Explorer.exe using runas utility...
Of course. You can run any binary using runas. You may have to use absolute paths, but that's a minor inconvenience.

Just to clear that up, depending which script/utility you are using to initiate the code you can use:
%windir%\explorer.exe

I remember dissecting a bit of malicious code attached to an email about 6 years ago.
I remember thinking 'whoever wrote this can't be older than 12'.
It had hardcoded
c:\windows\...blah blah blah
and
c:\win95..blah blah blah
I guess these were attempts to cover their bases. Why not just use %winnt% or %windir%? I adjusted the script with %windir%and it worked (I think it might have been WSH, but that would be Win98, but in any case I remember it worked).

rp
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]