Batch file
- Thread starter heru79
- Start date
- Status
I work at a computer helpdesk for a local school disctrict THis is what i was given-"My part was to find a way that a user can clck on a link and a batch
file will be automatically downloaded and ran (the "File Download"
window should not pop up). I did not find a solution but .SHTML and SSI,
javascript look promising." That is the information that i have at the moment. i will try to get some more information but that is what i have to work with at the moment. I am assuming these files are safe and inside our network.
file will be automatically downloaded and ran (the "File Download"
window should not pop up). I did not find a solution but .SHTML and SSI,
javascript look promising." That is the information that i have at the moment. i will try to get some more information but that is what i have to work with at the moment. I am assuming these files are safe and inside our network.
Schools are teaching some pretty wierd practices at the moment. Those batch files could potentially be changed to contain anything, and then some user innocently goes and starts a script that says "format c:" just by clicking a link. crazy. Just because a file is inside you're own network, it doesn't nessecarily mean it's safe - and safe is a relative term in the first place when you have a large number of people using the same network.
They must have some kind of reason for it, surely? lol
You could probably do it by using vbscript, but you're still going to get some hefty warnings about running scripts like that unless you completely do away with basic security features on the client machines.
They must have some kind of reason for it, surely? lol
You could probably do it by using vbscript, but you're still going to get some hefty warnings about running scripts like that unless you completely do away with basic security features on the client machines.
I doubt that. Any person writing spyware that actually works is unlikely to be using batch scripting to do it, and wouldn't need to ask how to do it anyway.
It's not a reliable method of script execution. It would essentially be almost a "local code execution" vulnerability - a vulnerability that in the right hands could/would render full administrative access to a machine. (hence the reason for the security advice to turn off scripting in your browser unless you specifically need it)
you'd have to build a complete system of checks and balances to do it safely, which would be no easy task.
It's not a reliable method of script execution. It would essentially be almost a "local code execution" vulnerability - a vulnerability that in the right hands could/would render full administrative access to a machine. (hence the reason for the security advice to turn off scripting in your browser unless you specifically need it)
you'd have to build a complete system of checks and balances to do it safely, which would be no easy task.
paranoid guy
Posts: 408 +0
Why in the world would anyone want to do this? Do you mean that you don't want the ms-dos window to pop up? That's what usually pops up when I use batch files...
heh, just turn off their monitors :haha:
heh, just turn off their monitors :haha:
paranoid guy
Posts: 408 +0
Oh, I thought he was trying to give it to someone on the network 
Still dodgy as hell itself, though :suspiciou
Still dodgy as hell itself, though :suspiciou
paranoid guy
Posts: 408 +0
If he just puts it somewhere that's accessible from any computer on the network there's no need for that dodgy stuff. What was that other question a while ago about not being allowed to use my computer, or something from my computer? I thought my school admin was bad...
- Status
Latest posts
-
Nvidia GeForce RTX 3050 6GB Review: Quiet Release, Dodgy Name- captaincranky replied
-
These credit cards feature OLEDs that light up upon payment- Uncle Al replied
