opening window applications by URL

hello everyone

i am having some trouble here

when we type this in the address bar

C:

we get into the C: drive

when we type this

C:(path to command prompt)/cmd.exe

a prompt opens to download the application.

is there a way 2 run it and make it run commands??;)

0blivi0n wrote: hello everyone

i am having some trouble here

when we type this in the address bar

C:

we get into the C: drive

when we type this

C:(path to command prompt)/cmd.exe

a prompt opens to download the application.

is there a way 2 run it and make it run commands??;)

Why don't you save yourself a lots of time by going to start>run and type cmd?

Try with the command start or start cmd/cmd.exe all of them should work.

guys you are not getting my point

it's not for my computer!!!

i am asking if we can initiate application's by just redirecting user to a webaddress looking like……

c: path to cmd /cmd.exe

i am having trouble running the cmd cuz it asks us to download it

i want to run commands in it simply by using URL

i wish i knew how to do tht aswell

im ksure it can be done but i think you have to tell your browser to handle the url differently or it is possible that you can embed it in a webpage, but i dunno how to do it just from the url?

So you want to link someone to the file cmd.exe? Or you want to remotely execute it? If you want to remotely execute something, you have to have execute set in your permissions. And you can't link someone directly to cmd. You can do something like this tho:

[img]http://tinyurl.com/25c53y[/img]

:)

file://c:\windows\system32\cmd.exe i'm pretty sure that'd work as a html tag… bb i dunno

richohealey wrote: file://c:\windows\system32\cmd.exe i'm pretty sure that'd work as a html tag… bb i dunno

yea, asks for permission though.

richohealey wrote: file:///c:/windows/system32/cmd.exe i'm pretty sure that'd work as a html tag… bb i dunno

For one, 3 slashes are needed for File:/// and secondly, use the same direction of slashes ;)

However, it's incredibly impractical…..what are you trying to do? What's your objective? I could help you much easier if I know what you were trying to achieve :D

Oooooo I just read the whole ops post, I must have skipped over 'and run commands'. No, I'm almost positive this can not be done.

No it's possible. Like for telnet, you could do

telnet:\\127.0.0.1:80

However. For like some other commands, I'm not sure. I'm sure if you looked long enough on google or something you could find it.

Der Heiligen wrote: No it's possible. Like for telnet, you could do

telnet:\\127.0.0.1:80

However. For like some other commands, I'm not sure. I'm sure if you looked long enough on google or something you could find it.

No shit that's possible….what do you think the popup is in this thread? :D

guys strain ur brain a little bit..

it's not impossible but m also helpless…:(

i have tried using direct link to cmd.exe but thn it asks us to download the file…not run it!!

so what can we do??……..

its file:// actually

It's not possible unless it was embedded in another exploit, which would have to be based on the user's browser. To do this, the application would have to silently run.

Something like, let's see if i can find something:

http://www.greymagic.com/security/advisories/gm001-ie/

You can do it via php… if your trying to exploit a MS IIS server or a LAMP based one you could easily write a simple script to do it.