In XP, all bets are off, as the vast majority of users run with local admin rights.
For Vista and 7, I believe that the much-hated-by-numpties User Account Control should prevent this from happening, as it opens a virtual screen or something to give access to the 'OK/Cancel' dialog.
From UAC on Wikipedia: 'User Account Control asks for credentials in a Secure Desktop mode, where the entire screen is temporarily dimmed, Windows Aero disabled, and only the authorization window at full brightness, to present only the elevation user interface (UI). This is to prevent spoofing of the UI or the mouse by the application requesting elevation.'
For Vista and 7, I believe that the much-hated-by-numpties User Account Control should prevent this from happening
I think the idea was that the USB device would include a keyboard and that this would press the keys required to confirm UAC.
This wouldn't work if the machine was locked, and if the user could see the screen then they'd at least notice it.
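A defensive check related to the point above, added as an example and not part of the original thread: it reads the UAC policy values and reports whether the elevation prompt only asks for consent or requires a password. The registry value names are the standard UAC policy values; the function name `Get-UacPromptAssessment` is made up for this example.

```powershell
# Added example: report how the UAC elevation prompt is configured on this machine.
# Value names are the standard UAC policy values stored under this key.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Hypothetical helper name. Takes the three raw values and returns findings as strings.
function Get-UacPromptAssessment {
    param([int]$EnableLUA, [int]$PromptOnSecureDesktop, [int]$ConsentPromptBehaviorAdmin)

    $findings = @()
    if ($EnableLUA -ne 1) {
        $findings += 'EnableLUA is not 1: UAC is off, so nothing prompts before elevation.'
    }
    if ($PromptOnSecureDesktop -ne 1) {
        $findings += 'PromptOnSecureDesktop is not 1: the prompt is shown on the normal desktop, not the Secure Desktop.'
    }
    switch ($ConsentPromptBehaviorAdmin) {
        0 { $findings += 'ConsentPromptBehaviorAdmin=0: administrators elevate with no prompt.' }
        { 2, 4, 5 -contains $_ } {
            $findings += "ConsentPromptBehaviorAdmin=${_}: consent-only prompt; keystrokes alone can approve it."
        }
        { 1, 3 -contains $_ } {
            $findings += "ConsentPromptBehaviorAdmin=${_}: prompt asks for a password, which typed keystrokes cannot supply without knowing it."
        }
        default { $findings += "ConsentPromptBehaviorAdmin=${_}: unrecognised value, check by hand." }
    }
    return $findings
}

$p = Get-ItemProperty -Path $PolicyKey
# A value that is absent from the registry is read as 0 here; confirm those by hand.
Get-UacPromptAssessment -EnableLUA $p.EnableLUA `
    -PromptOnSecureDesktop $p.PromptOnSecureDesktop `
    -ConsentPromptBehaviorAdmin $p.ConsentPromptBehaviorAdmin
```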
In a past thread about hardware exploits, someone suggested simply having a device that poses as a keyboard and then types out the source of a rootkit and compiles it. Or even just type the binary straight onto the disk somehow.
That, my friends, is genius. Credit goes to whoever suggested it originally.
I don't see how you could do this for PE files, which would be required to pull this off on x64 (since you can't run 16-bit binaries like .COMs). There are several fields in the headers that require non-ASCII values.