Comments on: Windows Vista Vulnerable to StickyKeys Backdoor

By: mcgrimus

mcgrimus — Tue, 05 May 2009 12:46:46 +0000

“Windows Vista Vulnerable to StickyKeys Backdoor”

Am I really the first one here to say, “That’s what she said!” to this??

By: Someone

Someone — Sat, 02 May 2009 06:59:25 +0000

Works on 100% of campus computers. Kind of scary the potential information someone nefarious can get. Keylogger anyone?

By: Windows Admin access via Sticky Keys | Daniel (Moird) Myers

Windows Admin access via Sticky Keys | Daniel (Moird) Myers — Mon, 27 Apr 2009 16:13:40 +0000

[...] a really interesting hole in windows that has a variety of potential. I am going a bit off the original post with some added information. It seems though that a lot more people out there don’t see this [...]

By: Vista Vulnerabilities « Brian Ladd’s Blog - Notes on Life

Vista Vulnerabilities « Brian Ladd’s Blog - Notes on Life — Thu, 13 Nov 2008 15:13:59 +0000

[...] Vista Vulnerabilities http://www.avertlabs.com/research/blog/index.php/2007/03/12/windows-vista-vulnerable-to-stickykeys-b... [...]

By: MiniNoticias » Blog Archive » No tardes cuando vayas al baño

MiniNoticias » Blog Archive » No tardes cuando vayas al baño — Tue, 26 Aug 2008 20:58:30 +0000

[...] en Windows Vista, como XP, 2000, y usando otras aplicaciones. Uno de estos ejemplos es el de las sticky keys, sethc.exe, comentado por uno de mis compañeros en nuestras listas. Al igual que la anterior, se [...]

By: Mervin

Mervin — Sun, 29 Jun 2008 18:09:10 +0000

“an attacker can use this method to bypass login on terminal servers and workstations with the remote desktop enabled. Since no third-party tools are being installed on the system and we are using Microsoft’s own files to achieve this, it will be difficult to detect for a typical administrator.”

I just discovered couple of terminal servers in our university network where one could remote backdoor into using this Sticky-key backdoor method with full SYSTEM rights. So this technique is being used by bad guys and its shocking that M$ still don’t protect sethc.exe and utilman.exe with windows file protection!!!

By: Joe

Joe — Sat, 14 Jun 2008 17:20:55 +0000

Or, you could just turn off StickyKeys altogether. That would just about solve that problem.

By: Rory

Rory — Wed, 11 Jun 2008 20:46:06 +0000

WRONG!
You don’t need admin access. Pop in Auditor or backdoor linux boots and in five minutes flat you can have the ’sploit in place and running.

By: Tyrel “DotCom” Souza » Lazy CMD prompt?

Tyrel “DotCom” Souza » Lazy CMD prompt? — Wed, 11 Jun 2008 19:56:03 +0000

[...] described in StickeyKeys Backdoor, you can swap sethc with cmd.exe and instead of stickey keys coming up when you hit shift five [...]

By: GhaFear

GhaFear — Tue, 27 May 2008 16:12:28 +0000

I see a point, as far as the exe can’t be replaced unless you have admin access.

But I have a problem with the login and loading a desktop. There should no way under any situation it being able to bypass it.

GhaFear