加入收藏 | 设为首页 | 会员中心 | 我要投稿 河北网 (https://www.hebeiwang.cn/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 编程 > 正文

看好注册表微软Server2003暗藏重大安详缺陷

发布时间:2019-06-17 16:11:13 所属栏目:编程 来源:蓝点
导读:受影响的版本: Windows Server 2003 (Internet Explorer 6.0) 裂痕调查: Windows Server 2003的这个裂痕会致使长途进攻者改动注册表Shell Folders目次,从而无需任何登岸认证,等闲得到体系文件夹中%USERPROFILE%文件的会见权。 ex.) %USERPROFILE% = C:

>受影响的版本:

Windows Server 2003 (Internet Explorer 6.0)

裂痕调查:

Windows Server 2003的这个裂痕会致使长途进攻者改动注册表"Shell Folders"目次,从而无需任何登岸认证,等闲得到体系文件夹中%USERPROFILE%文件的会见权。

ex.) %USERPROFILE% = "C:Documents and Settings%USERNAME%"

具体资料:

长途进攻者改动Windows Server 2003体系注册表中的"Shell Folders"目次,通过"shell:[Shell Folders].." 将当地文件与恶意措施链接。

[Shell Folders]

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerShell Folders

AppData: "C:Documents and Settings%USERNAME%Application Data"

Cookies: "C:Documents and Settings%USERNAME%Cookies"

Desktop: "C:Documents and Settings%USERNAME%Desktop"

Favorites: "C:Documents and Settings%USERNAME%Favorites"

NetHood: "C:Documents and Settings%USERNAME%NetHood"

Personal: "C:Documents and Settings%USERNAME%My Documents"

PrintHood: "C:Documents and Settings%USERNAME%PrintHood"

Recent: "C:Documents and Settings%USERNAME%Recent"

SendTo: "C:Documents and Settings%USERNAME%SendTo"

Start Menu: "C:Documents and Settings%USERNAME%Start Menu"

Templates: "C:Documents and Settings%USERNAME%Templates"

Programs: "C:Documents and Settings%USERNAME%Start MenuPrograms"

Startup: "C:Documents and Settings%USERNAME%Start MenuProgramsStartup"

Local Settings: "C:Documents and Settings%USERNAME%Local Settings"

Local AppData: "C:Documents and Settings%USERNAME%Local SettingsApplication Data"

Cache: "C:Documents and Settings%USERNAME%Local SettingsTemporary Internet Files"

History: "C:Documents and Settings%USERNAME%Local SettingsHistory"

My Pictures: "C:Documents and Settings%USERNAME%My DocumentsMy Pictures"

Fonts: "C:WINDOWSFonts"

My Music: "C:Documents and Settings%USERNAME%My DocumentsMy Music"

My Video: "C:Documents and Settings%USERNAME%My DocumentsMy Videos"

CD Burning: "C:Documents and Settings%USERNAME%Local SettingsApplication

DataMicrosoftCD Burning"

Administrative Tools: "C:Documents and Settings%USERNAME%Start

MenuProgramsAdministrative Tools"

恶意代码示例:

**************************************************

This exploit reads %TEMP%exploit.html.

You need to create it.

And click on the malicious link.

**************************************************

Malicious link:

Exploit

微软设施:

微软已于2003年6月9日宣布了此裂痕通告,打算于下一个版本的windows补丁中添加此裂痕的修补措施。

文章来历:金山毒霸编译

(编辑:河北网)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
    相关内容
      推荐文章
      站长推荐
      热点阅读

        【免责声明】本站内容转载自互联网,其发布内容言论不代表本站观点,如果其链接、内容的侵犯您的权益,烦请提交相关链接至邮箱bqsm@foxmail.com我们将及时予以处理。

        建议您使用1920×1080分辨率、谷歌浏览器Google Chrome、Microsoft Edge以获得本站的最佳浏览效果

        Copygight © 2008-2022 https://www.hebeiwang.cn/ All Rights Reserved. 河北网