run cmd.exe on any pc

I was messing arrowned with python at school the other day and decided to ping Google from python. I was really bored :) Any way I used this simple script import os for line in os.popen('ping google.com'.split('\n')[0]: print(line)

and it worked then I tried other commands and found I had access to the command prompt through it. It is blocked at school and I was ussing python 3. Is this a known vulnerability.

P.S. I built a very crude script that acts as a command prompt and allows me to access most directorys that are blocked at the school as well. Let me know if you have any questions

not really a vunrability but this is a work around whiuch works quite often.

MoshBat wrote: BAT files, command.COM, make an exe that executes system commands. There are a lot of ways.

Making a BAT file or a .com file still doesn't work if CMD is blocked?

Kasper wrote: Making a BAT file or a .com file still doesn't work if CMD is blocked?

command.COM is a cmd-like binary. If CMD is blocked you can sometimes still use that.

You could also use VB script

techb wrote: You could also use VB script MoshBat wrote: make an exe that executes system commands VBScript's an interpreted language. No exe. So, it's still a good option.

MoshBat wrote: You can compile it to an exe.

Wait, what? I thought one post earlier you were making fun of someone creating a binary to make calls to CMD.

MoshBat wrote: Erm, Spy. I suggested making a binary to execute system commands up there in my first post… Now, where you got the making fun of bit from is anyone's guess.

Oh, right, I just now saw you quoted yourself. I thought you were doing a variant of the >implying retort. My bad.

techb wrote: You could also use VB script MoshBat wrote: make an exe that executes system commands define wrote: VBScript's an interpreted language. No exe. So, it's still a good option. MoshBat wrote: You can compile it to an exe. Anyone that actually bothers to roll a script written in a crap language like VBScript into an exe needs to go die in a hole before they reproduce. Other than the complete uselessness of such a task, an interpreted script actually has a better chance at succeeding than an exe in a GPO-heavy environment.

Also, no matter what tools are out there for compiling script languages into exe files, it's not the same thing. Those languages have to be translated into god-know-what to be compiled into an exe. Compiled languages don't deal with that crap. This is the same reason why server-side Javascript will never catch on… because it's a fucking stupid way to do things.

… but, since I can translate PHP code into ASP code (even though it's stupid to), I'll start answering PHP questions with ASP snippets and just beat the thread to death with ignorant self-quotes until it fucking dies and another crap thread takes its place.

Because PHP code can be translated to ASP.

That's an analogy.