Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Autorun in screensaver

from [Roger McLaren] Network Security [Permanent Link]
Subject: Re: Autorun in screensaver
Date: Tue, 09 May 2006 12:42:21 -0700 
Ricci,

That was an old vulnerability discovered in the NT4 days. All you had
to do was create a batch file that did something nasty like adding a
user account to the administrators group. Make it autorun on a CD and
put it in a machine where someone was logged in as an administrator an
voila!

That vulnerability was corrected a long time ago. Win2K/2k3 and XP do
not have that issue.

Roger McLaren
Systems Analyst
Ventura County Office of Education



<ricci@cs.ust.hk> 5/8/2006 3:39:21 PM >>>

Hello All,

I'm conducting a security assessment and suddenly I got an interesting
question. When I inserted an USB hard disk with screensaver turned on,
I
can see that my hard disk has been enabled and autoplay must have been
executed. However, can an autorun program be executed when screensaver
turned on? Is there any way that I can make the autorun executed even
with
screensaver turned on?

Please advise.

Thx.

Ricci


---------------------------------------------------------------------------
---------------------------------------------------------------------------


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Patch Management on Critical Servers (Healthcare), Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Next by Date:  Re: Autorun in screensaver, Saqib Ali
Previous by Thread:  How to securely leverage Microsoft AD for Outsourcing and third party systems authentication., Serge Vondandamo
Next by Thread:  USB device installation problem, ricci
Indexes:  [Date] [Thread] [Top] [All Lists]