-
Vulnerability description: When Windows 2000 runs to the login verification prompt interface, any user can open the help bar of various input methods, and can use some of its functions to access the file system. This means that the user login authentication mechanism of Windows 2000 can be bypassed, and the entire system can be accessed with the highest administrator privileges, so the harm of this vulnerability is great, and when we enter the system, we can also use the vulnerability of terminal server remote communication to attack the system.
The default Windows 2000 system comes with this vulnerability in the input method:Smart ABC、Microsoft Pinyin、Internal code、Pinyin、Larry and Zheng code input method。
Bug fixes: 1) Delete unnecessary input methods, such as Zheng code, etc.
2) Delete the help file of the input method. These help files are usually located in the Windows 2000 installation directory (e.g., in the Winnt Help directory, the corresponding help files are:
Input method operation guide.
Larry input method help。
Zheng code input method help.
Spelling input method help.
Encoding input method help.
3) Microsoft Corporation has issued MS00-069 security advisory for this issue and has patches for Chinese Simplified Chinese Windows 2000 and English Windows 2000 on the Internet. Go for a patch and install it and you're good to go.
-
Re-implant the input method software.
-
Go to the official ** up and down patches, just hit it, there's no need to be so troublesome.
-
The vulnerability has now been fixed, so this may not be successful.
-
Intelligent ABC input method is probably the most used input method in Internet cafes,How many people are professional in using Wubi input method? Therefore, it is impossible for Internet cafes not to be equipped with ABC input method.
However, the smart ABC input method has a function that causes a forced interruption of the program. If you don't believe it, you can try it, create a new text file on the desktop of your computer, open it, call the intelligent ABC input method, and then press V + Del + Enter, is the cursor in the window stopped flashing? Mouse cursor "dead"?
Apparently the program stopped running. Move the spacebar, and the program disappears. Some programs will show up a dialog box that says, "XX memory cannot be read-only......You click "OK" and the program is gone (some points are several clicks).
Take advantage of this, you can forcibly interrupt network management software such as Zhuqiang "Meiping", "Fangzhu" and "Vientiane" to see what else it can block. Of course, if the shield turns into a white screen after interrupting these apps, you can press the F5, Win, ESC, etc. keys or press "Start" several times. Normally, you can see the desktop.
-
Stop the cursor on the text of the user name,Then use Ctrl+Shift to convert the input method,It seems that only English and smart ABC can not be used,Click on it with the mouse to build right,You will find that there is a "help",Right? Is it gray or black, if it's gray, it means it's patched, discard!
If there is no patch, click the mouse right in the left box to see a jump to the ......and enter it inside.
C: Winnt System32, let's be sure! A display file will appear on the right.,Okay,In the drop-down,See that the executable file is not.,Just choose one.,Create a shortcut.,Find this file below.,Click on the right to build.,Select Properties.,In the properties.,This is the key.,Find C:
winnt\system32\*.exe no.,Change the * sign to net first.,The whole is c: winnt system32 user kuyu kuyu add.
This command should be understood, it's to add yourself to the user group.,The kuyu in front is the user name.,The password in the back.。
Remember to add a little ok.,It's still going to run.,It's just to double-click the shortcut file just now.。 How is this permission enough?,Add it to the management group.,C: winnt system32 localgroup administrators kuyu add It's OK.,OK to run it again.。
I don't need to explain this.,It's to add this kuyu to the management group.,Now if you enter the system, you can do anything.,Hurry back to the previous login system to try.,This username can be logged in or not.,Hooray.,Go in.,I wish you success.,Friend!
-
With win2000 input method vulnerability can not log in to the system, is to see the files in the hard disk can delete the files, and so on!
-
It doesn't seem to have anything to do with the port. The input method is hijacked or corrupted by a virus, and a certain port is used to send stolen information.
-
Input method vulnerability? Which one exactly?
The earliest input method vulnerability is win2000 by switching the input method,You can bypass the login password。
-
The opposing machine is 2000.
It's been made up for a long time now.
Of course, it's Sogou, ABC needs to find many words one by one, but Sogou can generally come out with a good word, because Sogou and the Internet are synchronized, and new words can be updated when they come out, and ABC can't do it. There is also a pass for Sogou, so that even if you go to an Internet café, you only have to enter the pass, so you can type out the words you are used to in a dozen, and you don't have to look for them one by one. There is also Sogou can be exchanged for cute and cool**, typing can be so beautiful, and the number of input words and typing speed that can be recorded. >>>More
Pole Wubi official version (The following explanation is summarized after using the pole yourself, please read carefully.) >>>More
With Sogou. Go ahead and give it a try.
Super Internet thesaurus, all-encompassing. >>>More
Generally, there is a writing board in Sogou.,The kind that writes with a mouse.,It seems that the Internet has not seen the same stroke input method as the mobile phone...
Right-click the language bar - Settings - Add - Enter the language (Korean) - OK - Apply to it. I remember that Korean is the same as Korean. >>>More