On Thu, 15 Feb 2001, Nelson Brito wrote:
<snip>
> > 2 - place the autorun.inf and autorun2.exe on there;
>
> When I said "place" I just want to say: If the "root directory" is
> writable to you, put the files there. It's mean that is possible to
> exploit this using all of shares, example:
> ADMIN$ -> %SystemRoot%
> C$ -> %SystemDrive%
>
> By default ordinary users have write access on those shares.
No, they don't by default with NT4. If 'normal' users have write access
to administrator shares of Workstations on your domain, that is a tad bit
more worrying than an autorun exploit.
Regards,
Gossi.
