[kc-cfstudents] Gaining System Access to Vista without username/password

• From: "Tatyana Zidarov" <tzidarov@xxxxxxxxx>
• To: kc-cfstudents@xxxxxxxxxxxxx
• Date: Wed, 28 May 2008 19:23:42 -0400

http://tech.slashdot.org/article.pl?sid=08/05/26/0257213

*"This video shows a method by which a user can use a Linux distro called
BackTrack to gain system access to Windows
Vista<http://www.offensive-security.com/movies/vistahack/vistahack.html>without
logging into Windows or knowing the username or password for any
accounts. To accomplish this, the user renames cmd.exe to Utilman.exe — this
is the program that brings up the Accessibility options for users without
sight or with limited vision. The attack takes advantage of the fact that
the Utility Manager can be invoked before the user logs into the system. The
user gains System access, which is a level higher than Administrator. The
person who discovered this security hole claims that XP, 2000, 2003 and NT
are not vulnerable to it; only Windows Vista is."

*Video:
http://www.offensive-security.com/movies/vistahack/vistahack.html

Other related posts:

• » [kc-cfstudents] Gaining System Access to Vista without username/password

1. Home
2. kc-cfstudents
3. Archive
4. 05-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---