[Techtalk] Shatter Attacks - How to break Windows

Megan Golding meggolding at yahoo.com
Wed Aug 7 10:21:29 EST 2002

--- Carla Schroder <carla at bratgrrl.com> wrote:
> anyone following Slashdot today?
> http://security.tombom.co.uk/shatter.html
>  "This paper presents a new generation of attacks against Microsoft
> Windows, and possibly other message-based windowing systems. 

This looks like it could be a big thing. Given that the author's
already distributing Shatter, I wonder how many servers will get

I like the author's comments near the end, under the heading, "Why is
this a problem?"

"If that machine is vulnerable to a shatter attack, that user can
gain localsystem privileges and do what they like. Even worse is the
case of Terminal Services (or Citrix). Imagine a company providing
terminal service functionality to their clients, for whatever
purpose. That company is NOT going to give their users any real
privileges. Shatter attacks will allow those users to completely take
over that server; localsystem privileges are higher than the
Administrator, and on a shared server that's a problem. Oh, and it
doesn't require console access either - I've successfully executed
these attacks against a Terminal Server a hundred miles away."

Megan Golding    |    http://www.kalamitykat.com

Do You Yahoo!?
Yahoo! Health - Feel better, live better

More information about the Techtalk mailing list