I think after testing this with 3 other pc's i think i have found a bud in product ./// NAV 2002 for winxp
_____________________________________________
this text was directly copied by me... from one of my postings in a website related with security/hacking
__________________________________________
demonstration
http://www.geocities.com/visitbipin/navbug.zip ______________________________________________
||| I AM VERY SORRY FOR MY POOR ENGLISH |||
Test enironment ...| winxp pro./admin. , 700E Mhz intel processor... norton antivirus 2002, processor/Hard drive used > less than 10 % of its actual capicity....|... heee... it means the computer has lots of unused resource and is not overloded with works/batch jobs...etc|
Note :-I have just tested this explot in norton antivirus 2002 running winxp |
Simple BACKGROUND.
ok as everybody know....
1). windows can only make cretain number of directory >>> inside directory >>> inside directory... i mean to say .... ok look at this infinite loop and you will understand
________
:hUNT3r
md 1
cd 1
goto hUNT3r
____________
if a batch program is created and executed.... from the above code it seems like the program will create infinite number of directories... into an folder... again... aganin ... and again...
but actually that's false ... windows can't create more than 120 sub directories inside a directory so in the above code... windows will create... 1\1\1\1\1\\1\1\1\1... upto nearly 120 directories.....\1\........ if made in c:\ (root) and then it can't create and contenue with the infinite loop but with a error... 'cannot find the path specified'
2). no-matter a file extension is dll, vxd, jpg... etc if we try to open the file from command prompt
for eg. if i type....in command prompt...
c:\me.jpg
windows nt/xp tries it to execute on the basis of priority.... i mean to say.... it first assumes it to be *.com file and tries to execute it as *.com , then exe... chm...bat.... etc (actually i forgot the sequence) ... anyway....
so if a trojan renames itself to hUNT3r.dll and calls a bat job to execute it... win nt/xp excute's it as hUNT3r.exe .... regardless of its extension....
another funny thing i came across was... nav (NORTON ANTI-VIRUS ) ignores a file little bit... i guess (if i am not wrong)
starting with ' $ ' and ending with ' .sys.dll ' <<<sounds strange but i found that... in my experiment...
so the exploit begins...
HOW TO EXECUTE A VIRUS / TROJAN IN WINDOWSXP >>> RUNNING NORTON ANTIVIRUS 2002 EVEN WHEN AUTO-PROTECT IS ON ??? >>>SO THAT NORTON DON'T CLAME IT AS A VIRUS AND LET IT EXECUTE....
ok as i told above ... windows cant create more than 120 sub-directories (in fat32 <i haven't tryed it on ntfs and fat... go try it...>>>
it seems amazing... but if a trojan or virus is in the 120th { sometimes... in between 118-120 th... if it is in root drive } directory or may be the last directory that windows can support....... norton sKips this file ???why??? to scan....!!! and let it execute even it is a trojan..../ virus... |ok i understand ... my english is very poor and you are bit confused.... ok .... you will understand me .. when you will extrat the begin.exe .... in a folder named ' begin ' ((( it will extract in c:\ >>>root>>>let it be there where it is ... don't change the path or it won't work.... because it is proprely calculated fo demonstration.. ... ))) $$$ A hacking tool... not a virus... but norton clames it to be a virus...heee...will be extracted in the last directory 119th subdirectory... that windows supports}}} ... double click the begin.bat... it will start a batch program and call the hacking tool to execute... if you do a virus scan manually ... i am 100 % sure norton clames it to be a hack.tool <<< but but when it executes ... norton remains silent... so guess what...???
you can ship trojan or port bommers to your network (running winxp with nav 202) ... and execute it without the notifcation of admin..../nav because i am sure you don't have right to disable antivirus nad antivirus don't allow you to run such program (temporarily) in your network right....
have fun....
____________________________________________________________________________
how dod i found it ...
heee... actually i was programming a virus and a very cool remote trojan ... and experimenting few things....bingo... i found it....
USE THIS TRICK FOR YOUR BENIFIT OR TO KEEP YOURSELF SECURE.....
(winxp pro users with nav2002... running...help me verify this...
actually i have submitted it to norton for quiry....)
