"Windows Automatic Update" or a backdoor - Page 2

Thread: "Windows Automatic Update" or a backdoor

  1. #11
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Quote Originally Posted by jockey0109
    Yes, as far as the %systemroot%\SoftwareDistribution is concerned, I was aware of it (had applied updates to a newly installed OS copy from that of an already existing one on the same machine). Now, yes, that's the way update takes place. I did not know about the BITS (thanks for that). But my intention was not to tell him how Windows Update takes place in particular. Since he asked about a backdoor, I thought it would have been better to tell about the system account.

    That's not the way you hack into your SYSTEM account. Yes, the at command can be used to run programs with SYSTEM privileges but you cannot start a program which has visible windows and dialogue boxes to operate normally with SYSTEM account.

    That's as per my experience. Tell me if anyone else has got a success in running it that way! I would like to know HOW!!!

    I was just trying to elaborate on what you had said about Windows Update. In this instance, it is important to tell them how Windows Update works and which services/programs are involved. I was explaining how Windows Update works so they can understand that it is a normal system function and not some backdoor.

    BTW: You can run a program as SYSTEM that has visible windows, etc.

    Do the following.

    Log on as admin, or "run as" the command prompt as admin.
    Make sure the task scheduler is running.

    Create a task using the at command to start taskmgr one minute from your current time.

    at 13:48 /interactive taskmgr

    (You have to change the 13:48 to be whatever is one minute past your current time.)
    One minute later, it will open the Task Manager. If you look at processes, it will be running as SYSTEM. From there, you can use the New Task button under the Applications tab to start any program under the same SYSTEM privileges. Whatever you want. cmd, Internet Explorer, Firefox, whatever. As you know, all those programs have visible windows.
    Last edited by phishphreek; October 21st, 2007 at 06:59 PM.
    Quitmzilla is a Firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
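
A defender's view of the `at ... /interactive` job described in the post above, as an added example that is not part of the original thread: it scans process-creation records for such a job and for the SYSTEM processes later started from it. The record fields, account names and PIDs are constructed for illustration, and matching the scheduled program by name is a heuristic assumption.

```python
import re
from itertools import takewhile

SYSTEM = "NT AUTHORITY\\SYSTEM"
TIME = re.compile(r"^\d{1,2}:\d{2}$")

# Constructed sample: simplified process-creation records in time order.
# The field names are assumptions for this example, not a real log schema.
EVENTS = [
    {"pid": 1200, "ppid": 400, "user": "LAB\\admin", "image": "cmd.exe", "cmdline": "cmd.exe"},
    {"pid": 1312, "ppid": 1200, "user": "LAB\\admin", "image": "at.exe", "cmdline": "at 13:48 /interactive taskmgr"},
    {"pid": 1320, "ppid": 1200, "user": "LAB\\admin", "image": "at.exe", "cmdline": "at 02:00 /every:M,T,W backup.cmd"},
    {"pid": 1500, "ppid": 880, "user": SYSTEM, "image": "taskmgr.exe", "cmdline": "taskmgr"},
    {"pid": 1544, "ppid": 1500, "user": SYSTEM, "image": "cmd.exe", "cmdline": "cmd"},
    {"pid": 1600, "ppid": 1544, "user": SYSTEM, "image": "iexplore.exe", "cmdline": "iexplore"},
    {"pid": 1700, "ppid": 1200, "user": "LAB\\admin", "image": "taskmgr.exe", "cmdline": "taskmgr"},
]

def base(path):
    """Lower-case file name without directory or .exe suffix."""
    name = path.rsplit("\\", 1)[-1].lower()
    return name[:-4] if name.endswith(".exe") else name

def parse_at(cmdline):
    """Return (time, program) for an `at` job created with /interactive, else None."""
    tokens = cmdline.split()[1:]              # drop the at / at.exe token
    if tokens and tokens[0].startswith("\\\\"):
        tokens = tokens[1:]                   # optional \\computername
    if not tokens or not TIME.match(tokens[0]):
        return None                           # list or /delete form: no job created
    switches = list(takewhile(lambda t: t.startswith("/"), tokens[1:]))
    command = tokens[1 + len(switches):]
    if "/interactive" not in (s.lower() for s in switches) or not command:
        return None
    return tokens[0], base(command[0])

def detect(events):
    """Flag interactive at jobs, then SYSTEM processes started from them."""
    alerts, scheduled, tainted = [], set(), set()
    for ev in events:
        job = parse_at(ev["cmdline"]) if base(ev["image"]) == "at" else None
        if job:
            scheduled.add(job[1])
            alerts.append(("interactive-at-job", ev["pid"], " ".join(job)))
        elif ev["user"] == SYSTEM and (
                ev["ppid"] in tainted or base(ev["image"]) in scheduled):
            tainted.add(ev["pid"])        # follow the tree below the scheduled program
            alerts.append(("system-desktop-process", ev["pid"], ev["image"]))
    return alerts
```

The ordinary `/every` job and the Task Manager started by the admin user produce no alert; only the interactive job and the SYSTEM process tree below it are reported.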

  2. #12
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Well, lemme try, I have not tried it with taskmgr till now! I will get back soon (actually, VMWARE is what I will test it on .... who's gonna risk Windows!)
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  3. #13
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Hell yes, that was right! I did not know about the /interactive switch! Thanks for that... but still, some files like SAM are inaccessible! However the registry entry for SAM was open to be exploited!

    But I noticed that the trick does not work if I log onto another account with admin privileges. It worked only when I used the account whose NAME is also administrator.
    Last edited by jockey0109; October 21st, 2007 at 07:02 PM.

  4. #14
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Hmm, not sure why. I created a new admin account. Then I renamed and disabled my default admin account. I'm running under a different SID altogether and just as an account in the admin group. Mine seems to work fine on both Windows XP PRO SP2 and Windows Media Center 2002 SP2.

    I have a Vista Ultimate box here that I just started exploring. I'll have to see if you can do it with Vista too.

  5. #15
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    I was explaining how windows update works so they can understand that it is a normal system function and not some backdoor.
    That is true, but there was a bit of a fuss a few weeks ago when the Updater updated itself without asking user permission, even if updates had been turned off.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #16
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Now I am not using Windows much, but certainly, that was something I did not read anywhere else than AO (actually I go for a limited no. of sites due to time boundaries). And of course, that is a good thing .... only that it's good just for MS. And this should reduce the no. of pirated copies.

  7. #17
    Senior Member
    Join Date
    Jun 2003
    Posts
    347
    Hi Jockey,
    I posted this not long ago. It's an interesting read. Its link is there on the page:
    http://antionline.com/showthread.php?t=275939

  8. #18
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Off Topic//

    I run ZoneAlarm on this box, and I updated it fairly recently............. It now asks me for permission to go to the "mainframe" and see if there is an update.

    I guess some outfits have taken a lesson from the very negative response that M$ got?

    \\

  9. #19
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Hmmm... well, question is: did MS get it right? Now I seriously do not think that it was a real nice idea to get their software to update itself despite the denial of permission by its own USER! MS talks everything about themselves and all that goes right with them but never about the rules that it breaks and specially those which were made and showcased by MS itself!
