Fun with Windows (part 2)

posted onJune 28, 2000

by hitbsecnews

< having
fun with Windows vulnerability >

So
it seems someone actually READ my article eh? that's good :) or that would
have been my last one! :D LOL!

<<
ENOUGH OF THAT COCKY LAUGH, GET ON WITH IT! >>

Yeah,
yeah, sure...okay already!

<<
SHOW ME THE MONEY! ER, I MEAN THE EDITING! >>

Allright
then, on to more fun to have with win.ini this time. So have your prompts
all sported green text by now? Or is it in some other nice cool colour?
Like maybe white on blue background like some programmer's coding at work?
Well, check out the help in DOS (if you still keep it around) for the
codes to use to get that colour scheme. As usual, edit the file like so
at the command prompt before the Micro-mono-soft-lith cool OS (NOT!) loads
up (that means hit the F8 key when you see the words 'Starting...'):

C:>edit
c:windowswin.ini

<<
NOT RECOMMENDED FOR NEWBIES OR THOSE UNFAMILIAR WITH WINDOWS >>

Yeah,
yeah, whatever...those who dug into win.ini before can skip the bright
red note above this line :) This is the top section of win.ini:

[windows]
load=
run=
NullPort=None
device=Xerox DocuPrint PG12,FXPG12,Serverxerox

Ignore
the NullPort etc. below it. What we're interested is the 2 lines below
the [window] section. Windows runs the commands here after processing
the system.ini file and before loading the other startup commands in
the registry and startup group.

So let's
see...if we put in like so:

[windows]
load=calc.exe
run=winver.exe

What you'll
get when you start Windows is Calculator will be loaded and Windows
Version will be run. Simple eh? Now let's get tricky...heh :)

The load
command loads apps, doesn't run it unlike the run command. What's the
difference you ask? Well, some printer monitoring apps, if loaded, does
not display anywhere in the shell (desktop), either on the taskbar or
in system tray. But if you were to run it, you might end up with a status
monitor box in the middle of the screen.

Now that
you know the difference, time to get more sneaky...heh heh ;)

<<
WARNING! LETHAL EXECUTION OF CODE BELOW! >>

Ooo, I'm
scared...heh heh ;) You can insert more than one command in any of these
2 lines like so:

run=calc.exe,
winver.exe, winfile.exe

Which
brings a new way to overload a Windows system upon startup. Unlike items
in the startup menu (which can be manually overrided by holding down
the Shift key when the desktop appears), this cannot be avoided unless
the win.ini file is reedited and saved. So, say you were to do this:

run=c:progra~1photoshopphotoshp.exe,
mplayer2.exe, ...use
your imagination :)

A system,
with say, 32MB, is going to be tearing itself apart loading so many
apps. With a little inguinity you can even start defrag and run command
line options ;)

There
are more things you can do...but i'll leave that to your mind to explore, cya!

- xearthed@hotmail.com
| xearthed.tripod.com

1.)
HardAttack
: Review of Gateway Microserver -
L33tdawg

2.)
Setting up
a DHCP server (Part 2) -
L33tdawg

3.)
WINS
vs DNS -
Haven

4.)
Self
Actualisation through broadband
- L33tdawg

5.)
Somebody
loves you - an analysis of the ILOVEYOU Worm -
Black Hand

6.)
Distributed
Tools -
sasha / lifeline

7.)
Fun
with Windows (Part 2) -
xearthed

8.)
Inside
the box : Comparison of Linux distributions
- Liquid Sphear

9.)
A look at
SNMP
- Haven

10.)
Things
to do in Ciscoland when you're dead
- gauis