Thread: login in Windows Vista without any credential
View Single Post
  #8 (permalink)  
Old 02-28-2007
=?Utf-8?B?QWJoaXNoZWsgQ2hvdWRoYXJ5?=
 

Posts: n/a
Re: login in Windows Vista without any credential
You are correct, but what if the Administrator delete the account, which you
have created, because it display all the account name at the time of login,
so victim can see that a new account has beed created, and he will know that
there is some hacking activity is done on his machine.

"Robert Firth" wrote:

> Yes pretty pointless. It allows you to access the computer again later. You
> already have to have access. I propose a better secury leak. Go to control
> panel, users profiles. Setup a second administrator account. Bam, you can
> access the account later. Full access through that account. I have to
> admit, the magnifier.exe thing is pretty sneaky though. This is only a
> security threat if your live in a community environment and forget to lock
> your computer.
>
> Physical security is just as important as anything Microsoft can do. If you
> leave your computer logged in for anyone to use, that is a security threat
> that you created. The whole point of an administrator account is to have
> access to everything. That same user that messes with the windows\system32
> folder could also install a rootkit or spyware on your computer. A physical
> person can easily bypass all the UAC prompts, do whatever they please. Heck,
> they could plug in a USB key and copy all your private data straight to it,
> or delete it.
>
> --
> /* * * * * * * * * * * * * * * * * *
> * Robert Firth *
> * Windows Vista x86 RTM *
> * http://www.WinVistaInfo.org *
> * * * * * * * * * * * * * * * * * */
>
> <alun@texis.invalid> wrote in message
> news:B34E9C22-B805-4F95-AEA7-94B15BB3A986@microsoft.com...
> > "Abhishek Choudhary" <Abhishek Choudhary@discussions.microsoft.com> wrote
> > in message news:84B823DA-703D-4A9A-AC36-EA623537E69F@microsoft.com...
> >> There is a serious bug found in Windows Vista Ultimate, which allow the
> >> user
> >> to login in to Window Vista System without providing any credential. It
> >> just
> >> requires the attacker to access the victim system, for the first time. To
> >> gain access to victim system, follow these steps.
> >>
> >> 1) Open System32 folder of your windows.
> >> 2) Copy Cmd.exe, Magnify.exe and paste it in two different locations, for
> >> safety purpose.
> >> 3) Rename the cmd.exe to Magnify.exe on the backup location.
> >
> >
> > And ... what access rights do you need to have to the system for step 4,
> > which writes to the system32 directory?
> >
> >> 4) Copy & paste the renamed cmd.exe to system32 folder, this asks for
> >> replacing the Magnify.exe, just continue with replacing.
> >
> > Oh, yes, that's right, it requires you have administrator access to write
> > to that directory.
> >
> > So, if you're an administrator, you can hack the machine so that you don't
> > have to log on.
> >
> > Brilliant.
> >
> > I can do that with a couple of registry entries.
> >
> > Alun.
> > ~~~~
> > --
> > Texas Imperial Software | Web: http://www.wftpd.com/
> > 23921 57th Ave SE | Blog: http://msmvps.com/alunj/
> > Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
> > Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
> >
> >
>
>
Reply With Quote