Happy Weekend, everybody!
I was involved in another client sales pitch elevator meeting on Friday afternoon.
This time I boarded the elevator on the 9th floor with the rest of my team at the same time as one of the owners of my current company who was conducting a tour with someone in charge of something or other from some oil company. I'm hazy on details. I remember on my first day being introducted to this particular owner. I took note of his last name so that future "My mailbox is missing" calls from him wouldn't be answered with my standard "Where did you last see it? Did the mailbox seem depressed?" response.
Anyway, as we boarded, the owner stopped in mid-speech. He introduced us to the guy from the oil company by name (He even got mine and my badge is typically worn backwards, bonus points for pronouncing the first name even if my last name is still my middle name in some parts of the building) and told the client that my team and I are the "brains of the operation".
"If this elevator goes down with these guys on board, our company is sunk."
I was a little floored. Sure, it was laid on thick, but coming from a technology company that considers techs an expense to a chemical company that considers them important to revenue just seems . . . odd?
I apologize for the brief post. I'm working on some geek projects this weekend.
If any are blog-worthy I'll share.
Saturday, September 30, 2006
Friday, September 29, 2006
Yesterday I got a garbled call from Shana a little bit after noon. Since my Cingular phone all but doesn't work from within my building (and also since I had just confronted the Desktop Manager about picking a standardized printing platform "for the love of God") I walked downstairs to return Shana's call from the parking lot out back.
We briefly discussed groceries and my need for diet cola. I forgot to ask for vinegar.
I went back in and hopped back on the elevator.
Also in the elevator was the VP of Sales from my last company, talking to a prospective client about staff technical proficiency and guaranteed uptime and such.
He pretended to not recognize me. Nice.
Now, for the sake of history, it should be noted that (while never named) this particular individual is approximately 40% of the co-workers referred to as "sales asshat" back in the day, with the other 60% being about eight other people.
I'm a big fan of karma. I think that eventually karma will even all things out in the end.
For every bad thing that happens to anyone all over the universe, karma keeps score with the intention of evening that score later on, generally in defense of the little guy.
I think karma needs a cape and a mask.
As the door to the elevator closed, I thought about all the horrible things people do to each other every day and I began to be concerned for karma. That is one enormous list at the end of the day. Since I had a few minutes, I decided to help karma out a little, free up some time for karma later in the day so that maybe karma can squeeze in a nap or a couple of rounds of Unreal Tournament.
I smiled and turned and laughed and apologized to the VP of Sales from my last company that I almost didn't recognize him, having left my glasses (for the record, reading only ;)) upstairs.
I made a point to call him by name and ask how he'd been. I also pretended that I hadn't noticed he was trying to close a deal with the third occupant of the elevator.
I talked about the great time I had at the sales/tech mixer that one time and asked how another former co-worker's baby was doing.
Still conversationally, I asked him if they had really instituted random drug testing of the technical staff and if it had caused, through test failures and panic, as massive a turnover rate as I'd heard.
Then I asked how the new techs were working out, knowing they hired the bottom of the barrel this last time.
He blinked at me a bunch of times and had no coherent response.
As I got off the elevator nine floors later, I asked him to call me for lunch sometime and shook my phone at him as if he has the number.
Still smiling my friendliest smile, I thought again about karma. Maybe karma can catch a movie later with the free time I just created. I recommend Snakes on a Plane.
We briefly discussed groceries and my need for diet cola. I forgot to ask for vinegar.
I went back in and hopped back on the elevator.
Also in the elevator was the VP of Sales from my last company, talking to a prospective client about staff technical proficiency and guaranteed uptime and such.
He pretended to not recognize me. Nice.
Now, for the sake of history, it should be noted that (while never named) this particular individual is approximately 40% of the co-workers referred to as "sales asshat" back in the day, with the other 60% being about eight other people.
I'm a big fan of karma. I think that eventually karma will even all things out in the end.
For every bad thing that happens to anyone all over the universe, karma keeps score with the intention of evening that score later on, generally in defense of the little guy.
I think karma needs a cape and a mask.
As the door to the elevator closed, I thought about all the horrible things people do to each other every day and I began to be concerned for karma. That is one enormous list at the end of the day. Since I had a few minutes, I decided to help karma out a little, free up some time for karma later in the day so that maybe karma can squeeze in a nap or a couple of rounds of Unreal Tournament.
I smiled and turned and laughed and apologized to the VP of Sales from my last company that I almost didn't recognize him, having left my glasses (for the record, reading only ;)) upstairs.
I made a point to call him by name and ask how he'd been. I also pretended that I hadn't noticed he was trying to close a deal with the third occupant of the elevator.
I talked about the great time I had at the sales/tech mixer that one time and asked how another former co-worker's baby was doing.
Still conversationally, I asked him if they had really instituted random drug testing of the technical staff and if it had caused, through test failures and panic, as massive a turnover rate as I'd heard.
Then I asked how the new techs were working out, knowing they hired the bottom of the barrel this last time.
He blinked at me a bunch of times and had no coherent response.
As I got off the elevator nine floors later, I asked him to call me for lunch sometime and shook my phone at him as if he has the number.
Still smiling my friendliest smile, I thought again about karma. Maybe karma can catch a movie later with the free time I just created. I recommend Snakes on a Plane.
Wednesday, September 27, 2006
I was enjoying my ride home on I-10 this afternoon when I got hit.
The most awesome idea for a novel just struck me, broadside, and I had no choice but to take note of character names in anticipation of NaNoWriMo.
I'm not starting early, but I couldn't help but write down a few things.
Good ideas flee me like cats run from a screaming idiot. Only less humorously.
This morning I broke Scotland. Fortunately not the whole country - just our office there. Anyway, I managed to talk the on-site tech through restoring services while I drove in.
Next time I break Scotland I'll do a poorer job of explaining myself in the hopes that they will send me over to fix the stuff personally.
Later in the day I helped a guy at work by deploying a crappy application for him. He promised me a user list and wandered off. Hours later he stepped back into my cube, visibly angry.
He berated me for not responding promptly to his email and for delaying his deployment. Also he was angry that when I had responded I had feigned ignorance.
Then he leaned back out of the cube and looked at the sign. He read my name plate. Twice, at least.
Then he apologized. He had thought my name was something else supplied by the global address list and sent an email to someone at an office in Wyoming.
I laughed at him. A lot.
I mean seriously. I had to get up and leave. I made it to the men's room (wash your hands six times) and the Coke machine before I had even slowed down.
To be fair, he laughed too. Of course, then he wanted me to do stuff and our relationship fell all apart again.
You know. Like they do.
The most awesome idea for a novel just struck me, broadside, and I had no choice but to take note of character names in anticipation of NaNoWriMo.
I'm not starting early, but I couldn't help but write down a few things.
Good ideas flee me like cats run from a screaming idiot. Only less humorously.
This morning I broke Scotland. Fortunately not the whole country - just our office there. Anyway, I managed to talk the on-site tech through restoring services while I drove in.
Next time I break Scotland I'll do a poorer job of explaining myself in the hopes that they will send me over to fix the stuff personally.
Later in the day I helped a guy at work by deploying a crappy application for him. He promised me a user list and wandered off. Hours later he stepped back into my cube, visibly angry.
He berated me for not responding promptly to his email and for delaying his deployment. Also he was angry that when I had responded I had feigned ignorance.
Then he leaned back out of the cube and looked at the sign. He read my name plate. Twice, at least.
Then he apologized. He had thought my name was something else supplied by the global address list and sent an email to someone at an office in Wyoming.
I laughed at him. A lot.
I mean seriously. I had to get up and leave. I made it to the men's room (wash your hands six times) and the Coke machine before I had even slowed down.
To be fair, he laughed too. Of course, then he wanted me to do stuff and our relationship fell all apart again.
You know. Like they do.
Anyone that has ever visited a Mac-centric website or seen a commercial can tell you that Windows machines are subject to thousands of pretty nasty worms, trojans and viruses. Keeping a personal computer secure is a big job. If you multiply that times the 2500 servers and workstations at a company the size of mine (by no means the largest) you can imagine how managing virus mitigation in an Enterprise is a massive undertaking.
The way corporate environments generally do this is through a central management server.
Norton, McAffee and TrendMicro all make solutions that remotely manage anti-virus programs on remote systems.
In real-time, the workstations and servers are scanned, patched and cleaned and reports are generated. The central server pushes out virus pattern files and ensures minimal impact from the latest threats.
Want to know how to break that?
At this point, I'm going to have to ask anyone evil to stop reading.
Seriously, Darrell.
Ok. Here is what happens:
1. Some viral nastiness arrives on a workstation and is discovered by the Anti-virus Management Server
2. The virus is quarantined and the workstation is repaired if possible
3. The virus definition file is transferred to the Management Server to be added to an update list
That's nice. After a while "Workstation [userwenttoagamblingsite] has been cleaned" messages start to become almost comforting.
"The management server is looking out for us," we think. And we are right.
After being added to the master list, the definition is deployed to the definitions folder on all managed systems in the environment so that the client can be aware and shut down the virus if it ever turns back up. But it shouldn't, since we have our friend the Management Server.
Viruses have become more sophisticated while becoming smaller. Some of the earlier viruses were big nasty executables easily blocked and quarantined. Find one. You can pick one of these up on just about any file-sharing network, either through a direct search or by pulling down media files until one happens to be infected. Both methods could take about the same amount of time.
You will need to package the virus with a few things, but all are smaller than a circa-2004 virus.
Release the virus (with some additional components) onto a corporate network.
The old virus will be quickly caught - no damage done - and removed to a secure location. It gets interesting after it is copied to the definitions folder on the Management Server.
The additional things we added to the virus start doing their thing. A small batch file calling the "at" command can, in turn, call a utility that renames the extension on a virus definition file (generally *.dat) back to *.exe or *.cmd. A quick Google search returned over a thousand places to get those utilities and most are free and under 20kb in size. Don't forget to package that with your old-school vintage virus. Also, you may want to avoid registering the freeware with your actual email address.
So now you have a reactivated virus in the definition folder on the Management Server. Guess what the ONLY location never scanned for viruses on an Anti-virus Management Server is?
This extension change registers as a change in the Management Server definitions folder, so the newly renamed file is pushed to the definition folders on all work stations and servers.
The remote definition folders are also never scanned.
Congratulations! In less than a minute (network bandwidth permitting) you now completely own an entire corporate I.T. environment. Feel free to blue-screen them, or remotely control them, or send spam or steal data. Whatever. You run your virus as the Anti-Virus Management Server.
It should be noted that this tactic will only work on systems that can run the client for an Enterprise Anti-virus product. These systems are Windows 95, all four versions of Windows 98, Windows ME, Windows 2000, Windows 2003 and Windows XP. Since licensing is done by workstation, anti-virus companies want to make sure they can get paid for as many workstations as possible.
Clients have already been developed for Windows Vista too, Darrell.
The way corporate environments generally do this is through a central management server.
Norton, McAffee and TrendMicro all make solutions that remotely manage anti-virus programs on remote systems.
In real-time, the workstations and servers are scanned, patched and cleaned and reports are generated. The central server pushes out virus pattern files and ensures minimal impact from the latest threats.
Want to know how to break that?
At this point, I'm going to have to ask anyone evil to stop reading.
Seriously, Darrell.
Ok. Here is what happens:
1. Some viral nastiness arrives on a workstation and is discovered by the Anti-virus Management Server
2. The virus is quarantined and the workstation is repaired if possible
3. The virus definition file is transferred to the Management Server to be added to an update list
That's nice. After a while "Workstation [userwenttoagamblingsite] has been cleaned" messages start to become almost comforting.
"The management server is looking out for us," we think. And we are right.
After being added to the master list, the definition is deployed to the definitions folder on all managed systems in the environment so that the client can be aware and shut down the virus if it ever turns back up. But it shouldn't, since we have our friend the Management Server.
Viruses have become more sophisticated while becoming smaller. Some of the earlier viruses were big nasty executables easily blocked and quarantined. Find one. You can pick one of these up on just about any file-sharing network, either through a direct search or by pulling down media files until one happens to be infected. Both methods could take about the same amount of time.
You will need to package the virus with a few things, but all are smaller than a circa-2004 virus.
Release the virus (with some additional components) onto a corporate network.
The old virus will be quickly caught - no damage done - and removed to a secure location. It gets interesting after it is copied to the definitions folder on the Management Server.
The additional things we added to the virus start doing their thing. A small batch file calling the "at" command can, in turn, call a utility that renames the extension on a virus definition file (generally *.dat) back to *.exe or *.cmd. A quick Google search returned over a thousand places to get those utilities and most are free and under 20kb in size. Don't forget to package that with your old-school vintage virus. Also, you may want to avoid registering the freeware with your actual email address.
So now you have a reactivated virus in the definition folder on the Management Server. Guess what the ONLY location never scanned for viruses on an Anti-virus Management Server is?
This extension change registers as a change in the Management Server definitions folder, so the newly renamed file is pushed to the definition folders on all work stations and servers.
The remote definition folders are also never scanned.
Congratulations! In less than a minute (network bandwidth permitting) you now completely own an entire corporate I.T. environment. Feel free to blue-screen them, or remotely control them, or send spam or steal data. Whatever. You run your virus as the Anti-Virus Management Server.
It should be noted that this tactic will only work on systems that can run the client for an Enterprise Anti-virus product. These systems are Windows 95, all four versions of Windows 98, Windows ME, Windows 2000, Windows 2003 and Windows XP. Since licensing is done by workstation, anti-virus companies want to make sure they can get paid for as many workstations as possible.
Clients have already been developed for Windows Vista too, Darrell.
Monday, September 25, 2006
Monday was all about user issues at work. I'd resolve one (usually through routing it back to the Help Desk) and two more would pop-up like some big geeky mythological monster.
Not everything requires a double-click. Some stuff is a single-click. I type that now because I easily said it thirty times today.
No one is less surprised by user issues than me. It isn't like Bruce Willis was dead the entire time.
At one point I wrote up a quick draft of a simple, 100% effective method of solving all user issues. I'll share:
1. Connect to the user's local computer
2. Drop 2.5 gigs of stolen MP3s onto the hard drive (takes about 4 minutes over the gigabit connection)
3. Conduct a "random" scan of some "assorted" network segments
4. Let HR handle the user issue from that point on
This will gradually eliminate future calls to the support number and allow the I.T. staff to take progressively longer coffee breaks which, in turn, will allow the magic of caffeine to increase our productivity over time.
There is an additional step:
6. Profit
Step 5 is sadly still under development. :(
Monday night I sat down in front of the PS2 and killed some vampires. Gwynyth let me know they were doing a better job than I was and she wouldn't listen to my complaints of not knowing my sword button from my health potion.
And I thought about the impending PS3.
As described, it is an amazing piece of work. I've done some math and some research.
It seems the new chips aren't being produced quickly enough, which causes delays while driving up the cost. It is also rumored that the new chips won't run the old games, which has causes Sony to add the inner workings of the PS2 to the PS3 to solve compatibility issues. The Blu-Ray DVD adds $200 to the cost of the materials. All told, these consoles will sell for $599 but cost almost $1000 to produce. This does not include marketing. Additionally, the games will cost $10 more per title than the exact same games on the X-Box 360 and the Nintendo Wii. Sony claims the price increase is due to the extra features but it is a thinly veiled attempt to recoup some of the losses as quickly as possible.
If Sony finds the anticipated 6,000,000 people to buy a PS3 between November and April, they will lose $2.4 billion dollars to do it.
Historically, Sony was owned by Japanese families who culturally understand that long-term profits are admirable. However, since the release of the PS2 Sony has been merged with Columbia and is now over 50% "pwn3d" by Americans with our world-renowned impatience.
The market for Trinitrons and Walkmans is fading alarmingly quickly and movie revenues for the film division are also taking a hit like everything else in Hollywood.
Selling off the film division costs them Spider-man and the subsequent video game sales, adding to the downward spiral when video game sales may be the most profitable division in the whole corporation.
So what do American investors do in a situation like that? Work harder to produce a better product? Start a grass-roots campaign to drive sales and save face?
No. We sell. As quickly as possible.
And so what buyer has both the money to buy Sony and the desire to expand into the home entertainment and portable music business?
Microsoft.
For some time they have been producing TV related products like the Media Center PC and the newly advertised Zune media player is aggressive and in direct competition with Apple.
Could the hot gift next holiday season be the Playstation 360?
Again, it isn't like Bruce Willis was dead the entire time.
Not everything requires a double-click. Some stuff is a single-click. I type that now because I easily said it thirty times today.
No one is less surprised by user issues than me. It isn't like Bruce Willis was dead the entire time.
At one point I wrote up a quick draft of a simple, 100% effective method of solving all user issues. I'll share:
1. Connect to the user's local computer
2. Drop 2.5 gigs of stolen MP3s onto the hard drive (takes about 4 minutes over the gigabit connection)
3. Conduct a "random" scan of some "assorted" network segments
4. Let HR handle the user issue from that point on
This will gradually eliminate future calls to the support number and allow the I.T. staff to take progressively longer coffee breaks which, in turn, will allow the magic of caffeine to increase our productivity over time.
There is an additional step:
6. Profit
Step 5 is sadly still under development. :(
Monday night I sat down in front of the PS2 and killed some vampires. Gwynyth let me know they were doing a better job than I was and she wouldn't listen to my complaints of not knowing my sword button from my health potion.
And I thought about the impending PS3.
As described, it is an amazing piece of work. I've done some math and some research.
It seems the new chips aren't being produced quickly enough, which causes delays while driving up the cost. It is also rumored that the new chips won't run the old games, which has causes Sony to add the inner workings of the PS2 to the PS3 to solve compatibility issues. The Blu-Ray DVD adds $200 to the cost of the materials. All told, these consoles will sell for $599 but cost almost $1000 to produce. This does not include marketing. Additionally, the games will cost $10 more per title than the exact same games on the X-Box 360 and the Nintendo Wii. Sony claims the price increase is due to the extra features but it is a thinly veiled attempt to recoup some of the losses as quickly as possible.
If Sony finds the anticipated 6,000,000 people to buy a PS3 between November and April, they will lose $2.4 billion dollars to do it.
Historically, Sony was owned by Japanese families who culturally understand that long-term profits are admirable. However, since the release of the PS2 Sony has been merged with Columbia and is now over 50% "pwn3d" by Americans with our world-renowned impatience.
The market for Trinitrons and Walkmans is fading alarmingly quickly and movie revenues for the film division are also taking a hit like everything else in Hollywood.
Selling off the film division costs them Spider-man and the subsequent video game sales, adding to the downward spiral when video game sales may be the most profitable division in the whole corporation.
So what do American investors do in a situation like that? Work harder to produce a better product? Start a grass-roots campaign to drive sales and save face?
No. We sell. As quickly as possible.
And so what buyer has both the money to buy Sony and the desire to expand into the home entertainment and portable music business?
Microsoft.
For some time they have been producing TV related products like the Media Center PC and the newly advertised Zune media player is aggressive and in direct competition with Apple.
Could the hot gift next holiday season be the Playstation 360?
Again, it isn't like Bruce Willis was dead the entire time.
More geeky stuff about computers
Ok.
I've been waiting since 1999 for the Linux desktop to displace Windows. Or at least develop into a strong and definitive second choice. It's free. It's stable. It runs well on older machines. It's zealously supported in several frighteningly active online communities.
And it isn't ever going to happen.
There are quite a few reasons, but a few of the biggest are that there are a bunch of distributions and each has it own little differences. It is impossible for most to standardize with all the patch levels, kernel versions, and distribution channels.
Also, it is intimidating. I'd say until you've broken a few desktops loaded with Linux into an unrecoverable state of smoking hard drive you really won't have the comfort level of knowing you can restore it.
There is hope for a unix-based OS standardization, though.
I think in the next five years, Apple's OSX (and whatever follows it) will continue to gain market share until it is a strong number two in desktop operating systems. I don't see it replacing Windows, but the more I learn about it the more I like it.
If you are reading this on a Mac, I apologize. Skip on down to the bottom and post a smug Mac-ish comment.
If you are reading this on a Windows machine, you are familiar with the little buttons on the top right of this window. You can minimize with the little underscore (drop the window to the taskbar and hide it), big box/two smaller boxes (stretch the window to the full screen or shrink it to some setting that probably isn't quite right) or "X" for close.
The result is to get anything really done you can only work in the current active window.
On a Mac, these buttons are basically the same, but better. Window re-sizing is more intuitive. The "maximize" option by default stretches the window to the width of the pane, leaving the user access to the other active windows. For a simple example, if you are using Google Maps in Safari and typing directions in a document to email someone through your mail client when they send you a chat message and an email telling you to not bother, you can see all of it at once and react accordingly.
The Windows user would be minimizing and maximizing windows and listening for notification chimes.
The broader-reaching result is that the Mac user can more effectively multitask, since most have been working with this system for a while. Whether they get anything done is another issue and I think it depends on the user.
The average corporate Windows user talks about multitasking, but I'm certain that whatever the top window is most of the day will get most of that user's attention.
If I'm working a project (long-term) and an issue (emergency) at the same time, you can bet that the project (relegated to the Taskbar for whatever time period) will fall behind.
Anyway, fall behind is exactly what my projects have done lately. I'm the only one stressing about it, but I'm going to go get something done now.
One window at a time.
I've been waiting since 1999 for the Linux desktop to displace Windows. Or at least develop into a strong and definitive second choice. It's free. It's stable. It runs well on older machines. It's zealously supported in several frighteningly active online communities.
And it isn't ever going to happen.
There are quite a few reasons, but a few of the biggest are that there are a bunch of distributions and each has it own little differences. It is impossible for most to standardize with all the patch levels, kernel versions, and distribution channels.
Also, it is intimidating. I'd say until you've broken a few desktops loaded with Linux into an unrecoverable state of smoking hard drive you really won't have the comfort level of knowing you can restore it.
There is hope for a unix-based OS standardization, though.
I think in the next five years, Apple's OSX (and whatever follows it) will continue to gain market share until it is a strong number two in desktop operating systems. I don't see it replacing Windows, but the more I learn about it the more I like it.
If you are reading this on a Mac, I apologize. Skip on down to the bottom and post a smug Mac-ish comment.
If you are reading this on a Windows machine, you are familiar with the little buttons on the top right of this window. You can minimize with the little underscore (drop the window to the taskbar and hide it), big box/two smaller boxes (stretch the window to the full screen or shrink it to some setting that probably isn't quite right) or "X" for close.
The result is to get anything really done you can only work in the current active window.
On a Mac, these buttons are basically the same, but better. Window re-sizing is more intuitive. The "maximize" option by default stretches the window to the width of the pane, leaving the user access to the other active windows. For a simple example, if you are using Google Maps in Safari and typing directions in a document to email someone through your mail client when they send you a chat message and an email telling you to not bother, you can see all of it at once and react accordingly.
The Windows user would be minimizing and maximizing windows and listening for notification chimes.
The broader-reaching result is that the Mac user can more effectively multitask, since most have been working with this system for a while. Whether they get anything done is another issue and I think it depends on the user.
The average corporate Windows user talks about multitasking, but I'm certain that whatever the top window is most of the day will get most of that user's attention.
If I'm working a project (long-term) and an issue (emergency) at the same time, you can bet that the project (relegated to the Taskbar for whatever time period) will fall behind.
Anyway, fall behind is exactly what my projects have done lately. I'm the only one stressing about it, but I'm going to go get something done now.
One window at a time.
Friday, September 22, 2006
Sometimes a work-issued computer has restricted access for an employee account. This is to ensure that the employee can make no harmful changes to the workstation. Mostly, I support this policy. It eliminates headache at the Help Desk and can save the company hundreds of dollars a year in ibuprofen.
While I mostly support the policy, I can't stand it if it is applied to me. There are times when someone might want elevated privileges - to diagnose issues, check system directories, or install awesome (and maybe work-related) applications.
If you find yourself in this situation, you may have no choice but to elevate your own system rights.
In Windows systems, there is a master account called "Administrator". This account can do almost everything you'd ever want to do. However, it is essentially a Unix "Root" account with some of the more powerful bits (like modifying system processes) locked out.
Let's skip "Administrator" and hack the "System" account, which is like the local administrator account but with "Root"-like powers far beyond those of normal accounts.
I will now walk you through the process of obtaining SYSTEM privileges.
To start, open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:
Code:
at
Yeah, that's it. Two letters. The "at" command is essentially a scheduler used to perform a function "at" a specified time.
If it responds with an "access denied" error, then we are out of luck, and you'll have to try another method of privilege escalation; if it responds with "There are no entries in the list" (or sometimes with multiple entries already in the list) then we are good. Access to the "at" command varies, on some installations of Windows, even the Guest account can access it, on others it's limited to Administrator accounts. If you can use the "at" command, enter the following commands, then press [ENTER]:
Code:
at 14:35 /interactive "cmd.exe"
I'll break down the preceding code. The "at" told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer's clock says it's 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command.
One minute later, you should see a command prompt pop up, just like it did before we started this project. The difference is that the "at" command runs as SYSTEM, and everything called from there will run as SYSTEM as well.
Typing "explorer.exe" will open a folder displaying local and network drives.
Typing "iexplorer.exe" will give your SYSTEM session access to the Internet.
Typing the path to an installer will allow you to add new software.
Revel in your godlike authority.
Rebooting is probably the fastest way to put the safety back on before something gets broken and questions are asked.
I would be remiss if I did not provide the mitigation solution to this. To prevent this type of foolishness on a system you just need to change the account used by the "at" command.
While I mostly support the policy, I can't stand it if it is applied to me. There are times when someone might want elevated privileges - to diagnose issues, check system directories, or install awesome (and maybe work-related) applications.
If you find yourself in this situation, you may have no choice but to elevate your own system rights.
In Windows systems, there is a master account called "Administrator". This account can do almost everything you'd ever want to do. However, it is essentially a Unix "Root" account with some of the more powerful bits (like modifying system processes) locked out.
Let's skip "Administrator" and hack the "System" account, which is like the local administrator account but with "Root"-like powers far beyond those of normal accounts.
I will now walk you through the process of obtaining SYSTEM privileges.
To start, open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:
Yeah, that's it. Two letters. The "at" command is essentially a scheduler used to perform a function "at" a specified time.
If it responds with an "access denied" error, then we are out of luck, and you'll have to try another method of privilege escalation; if it responds with "There are no entries in the list" (or sometimes with multiple entries already in the list) then we are good. Access to the "at" command varies, on some installations of Windows, even the Guest account can access it, on others it's limited to Administrator accounts. If you can use the "at" command, enter the following commands, then press [ENTER]:
I'll break down the preceding code. The "at" told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer's clock says it's 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command.
One minute later, you should see a command prompt pop up, just like it did before we started this project. The difference is that the "at" command runs as SYSTEM, and everything called from there will run as SYSTEM as well.
Typing "explorer.exe" will open a folder displaying local and network drives.
Typing "iexplorer.exe" will give your SYSTEM session access to the Internet.
Typing the path to an installer will allow you to add new software.
Revel in your godlike authority.
Rebooting is probably the fastest way to put the safety back on before something gets broken and questions are asked.
I would be remiss if I did not provide the mitigation solution to this. To prevent this type of foolishness on a system you just need to change the account used by the "at" command.
Subscribe to:
Posts (Atom)
