Vulnerability Development: Re: Shutting down windows NT remotely (without winnt toolkit)?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Shutting down windows NT remotely (without winnt toolkit)?

From: Marshal <marshal () marshal-soft com>
Date: Fri, 09 Nov 2001 14:08:04 +0100

Lincoln Yeoh wrote:

At 12:06 AM 05-11-2000 -0800, Robert Freeman wrote:

A reboot is helpful unless the NT box is not password protected or has an
agent to automatically enter the password upon startup. Until an admin shows
up the box is basically useless.


AFAIK the services still start after a reboot. So the trojaned box still

scans the whole internet.

I don't for NT but a 'echo your box has a trojan' 'pause' inautoexec.bat would do the trick on a windows 95/98 machine..probablysomething similair is possible on NT?



--
grt, marshal

[ url  : http://www.startplaza.nu | security news & links    ]
[ url  : http://www.heknet.com    | security news & exploits ]

By Date By Thread

Current thread:

Re: (pointless?) overflow in tftp.exe (Was: Re: twlc advisory: possible overflow in ms ftp client), (continued)
- Re: twlc advisory: possible overflow in ms ftp client whitehat (Nov 08)