I’m going to do a small series of posts about a bunch of the topics Jabra and I covered in our presentation on Sunday at DefCon, since we had a ton to cover and a lot of it probably deserves to have a permanent home on the web where people can look at it and talk about it if need be. Also slide-deck form probably isn’t good enough. Anyway, one of the things we discussed was a way to enumerate certain types of files on Windows from within Internet Explorer. This is almost exactly the same issue as the Gregory R. Panakkal’s sysimage disclosure from 2004, for those of you who remember your browser history. Except this variant does not use sysimage, but SMB.
Anyway, it’s my opinion that if sysimage needed to be fixed SMBenum too needs to be fixed since they provide virtually the same insights into a computer, using the same basic technique. Either way, it seemed bad enough to me that I thought it was worth writing up a tool to do it. You’ll note that it works differently on different systems, and there may be a way to optimize it, but I didn’t bother. There’s also a lot of images associated with lots of programs that I didn’t add in, but you get the basic idea.