Reply to post: Insecurity by anti-virus

Sysadmin cracked military PC’s security by reading the manual

Anonymous Coward
Anonymous Coward

Insecurity by anti-virus

1998 - at the start of the Y2K remediation project in one of the big banks of the day.

We were using Windows NT without admin privileges. As you might be aware, doing IT in those days without it was neigh on impossible (we weren't provided any tools for the job bar a basic text editor and compiler)

There were no portable apps then either, so an installation was required for everything else we'd need to do our job (like hex editors and the like).

After logging in, there was an init script that ran the antivirus in it's own DOS window. Somehow (wasn't on purpose Guv', I swear) I found out that you could Ctrl+C into that window to get a DOS prompt retaining the privileges the anti-virus ran with (guess what those were) and, from there, do whatever you wanted to, including - but not limited to - changing user privileges.

(A/C 'cause you never know)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019