AFAIK, PostThreadMessage only works on local machine.

pskill will also ask for a password, Brett's code will bypass
security checks (tested on my win2k sp4 systems).

Correct me too if I'm wrong :-)

Ciao

---------------------------------------------------------------
Maxime Ducharme
Administrateur reseau, Programmeur
Pandore-Design [http://www.pandore-design.com]

----- Original Message -----
From: "Thor Larholm" <thor (at) pivx (dot) com [email concealed]>
To: "Brett Moore" <brett.moore (at) security-assessment (dot) com [email concealed]>;
<bugtraq (at) securityfocus (dot) com [email concealed]>
Sent: Thursday, October 02, 2003 1:38 PM
Subject: Re: Process Killing - Playing with PostThreadMessage

> Feel free to correct me if I am wrong, but isn't this also how the PSKill
> application from SysInternals work?
>
> http://www.sysinternals.com/ntw2k/freeware/pskill.shtml
>
>
>
> Regards
> Thor Larholm
> PivX Solutions, LLC - Senior Security Researcher
>
>
> ----- Original Message -----
> From: "Brett Moore" <brett.moore (at) security-assessment (dot) com [email concealed]>
> To: <bugtraq (at) securityfocus (dot) com [email concealed]>
> Sent: Wednesday, October 01, 2003 10:28 PM
> Subject: Process Killing - Playing with PostThreadMessage
>
>
> >
========================================================================
=
> > = Process Killing - Playing with PostThreadMessage
> > =
> > = brett.moore (at) security-assessment (dot) com [email concealed]
> > = http://www.security-assessment.com
> > =
> > = Originally posted: October 02, 2003
> >
========================================================================
=
> <snip http://msgs.securepoint.com/cgi-bin/get/bugtraq0310/23.html>
>

[ reply ]