Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: Test your windows OS
From: "Sean Crawford" <sean01 () accnet com au>
Date: Tue, 5 Oct 2004 05:06:31 +1000


Alex Wrote-------------->

---> Oooo my...
---> Got around 12 of win32 executable crashes on my Win2K server with all
---> patches...
---> This is much better tool that MS Baseline Security analyzer :-(


Alex I don't know why you would run it on a working server??.....did you
want to reboot anyway or something?.

It's not exactly pen testing..

So what did you learn?

Thanks.
Sean.




---> From: "Berend-Jan Wever" <skylined () edup tudelft nl>
---> To: <full-disclosure () lists netsys com>
---> Sent: Monday, October 04, 2004 11:39 AM
---> Subject: [Full-disclosure] Test your windows OS
--->
--->
---> > Hi all,
---> >
---> > Wanna do a quick test to see if the programmers that wrote
---> your windows
---> operating system have any clue as to what there doing ? Run
---> these commands
---> from cmd.exe in the system32 directory:
---> >
---> > for %i in (*.exe) do start %i
---> %n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n
---> > for %i in (*.exe) do start %i
---> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.... (type as much "A"-s as
---> cmd.exe allows on one line.)
---> >
---> > Each command will execute every program in your system32
---> directory, most
---> of them will either ignore the parameter or report an error because the
---> parameter doesn't make sence... But on my win2k system I found
---> 6 programs
---> vulnerable to these very simple formatsting and BoF tests....
---> grpconv even
---> gives EIP 0x00410041, can it be any easier?
---> >
---> > These are not vulnerabilities in itself: you cannot gain
---> access or elevate
---> priviledges but I just wanted to let you know that these
---> programmers did a
---> sloppy job.
---> >
---> > Cheers,
---> > SkyLined

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault