Stickey Keys - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Security discussions
Stickey Keys

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Security discussions Discuss about the computer security in general

Stickey Keys

This is a discussion on "Stickey Keys" within the Security discussions part of the Computer Security: Discussions section; Today I discovered something weird.. If your windows XP / 2003 Machine is locked or nobody is logged on even via Terminal service, there is the ability to activate "stickey keys" by pressing five times the shift key.. I ...

Reply

#1 (permalink)

Old

14-06-05

mon12 is offline

Junior Member

Join Date: Jun 2005

Posts: 1

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 5

mon12 is on a distinguished road

Default

Stickey Keys

Today I discovered something weird..

If your windows XP / 2003 Machine is locked or nobody is logged on even via Terminal service, there is the ability to activate "stickey keys" by pressing five times the shift key..

I do not know what the implementation could have in a security point of view,
I think this should not be possible, because you can activate the "stickey keys" process in SYSTEM context..

Maybe somebody has idea's to what can be done with this, I consider it a bug that a non authoritive person can activate a process without loggin in.

Greetings,

Mon11

Reply With Quote

Sponsor

Advertiser

#2 (permalink)

Old

14-06-05

class101 is offline

Administrator

Join Date: May 2005

Location: France

Age: 27

Posts: 592

Blog Entries: 3

Thanks: 18

Thanked 7 Times in 7 Posts

Rep Power: 10

class101 has disabled reputation

Send a message via MSN to class101

Default

thanx for reporting this man, have been looking around to search about this but looks like you can setup restrictions to avoid this:

http://microsoft.com/enable/training/wi ... ykeys.aspx

__________________
Security community webmaster
100% Free Directory
100% Cool milw0rm javascript

Reply With Quote

#3 (permalink)

Old

14-06-05

strcpy is offline

Junior Member

Join Date: Jun 2005

Location: Iran

Posts: 10

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 7

strcpy is on a distinguished road

Default

hmm

if it`s my case ,
well , after onc successfull access to that system
I`ll replace my custom backdoor with related dll/excutables
and , I`ll have my cute backdoor shortcut key on system

maybe running a cmd.exe or explorer.exe is enough ?

if this backdoor pop-up remains working on terminal-service ,
it would be my favor backdoor on systems , rather than logging in
directly .

Reply With Quote

#4 (permalink)

Old

09-09-05

Zachalicious Zachalicious is offline

Zachalicious is offline

Junior Member

Join Date: Sep 2005

Posts: 4

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 5

Zachalicious is on a distinguished road

Default

sticky keys sucks

Reply With Quote

Sponsor

Advertiser

Reply

Tags
keys, stickey

« Why exploits makers helps | Vulnerability in AVIRA Desktop for Windows »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
CVE-2008-0760 (Sentinel Keys Server, Sentinel Protection Server)	Heap	Advisories	0	14-02-08 19:34
CVE-2007-6483 (Sentinel Protection Server, Sentinel Keys Server)	Heap	Advisories	0	21-12-07 20:09

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72