All I had was a standard user account called 'local' and an Administrator account called 'Simon' - but I didn't know the password for this (see screenshot below).
I, however, didn't remember it, but after a few minutes of Google searching, I figured it would be worth a shot. My main worry was that AVG 2014 would detect it and my friend would laugh at my feeble attempt. So, I proceeded to download the code and take some screenshots along the way.
To my amazement, AVG 2014 didn't flag the file once it had downloaded onto the desktop. As you can see in the screenshot below, I used 'cscript <script>' to run the file and it ran through with no errors.
I then checked to see whether an administrator account had been created and it had.
More proof:
I scanned the file with AVG 2014 and it wasn't detected!
Now, this exploit is 4 years old at the time of writing - in the real world, most, if not all, machines will be patched, but it brings up an important thing to note: having an anti-virus DOESN'T mean you're protected, even if the exploit is old. I personally use Vipre Anti-virus when I'm using a Windows machine and I did check, and Vipre does pick up this code. This isn't to say AVG 2014 is bad; lots of anti-virus software doesn't pick up this particular script (according to the results from VirusTotal, where just 17/52 AVs picked up this malicious code!).
Until next time...