将 SMB 添加到 Windows，这有多安全? [英] Adding SMB to Windows, how safe is this?

问题描述

我遇到了一个小黑客，它声称它在 Windows 上启用了 smb://.
抱怨是 text</a> 之类的东西不起作用.
虽然您可以在 url 中使用 file://///，但用户希望使用 smb://以便它是跨平台的.

I came across a small hack, which claims it enables smb:// on windows.
The complaint was that things like <a href="\\computername\path\file.ext">text</a> weren't working.
While true that you can use file:///// in your url's, the user wanted to use smb:// so that it's cross-platform.

黑客攻击如下:
1) 创建这个 Reg 文件，保存并执行它:

The hack goes as follows:
1) Create this Reg file, save and execute it:

REGEDIT4

[HKEY_CLASSES_ROOT\smb]
@="URL:smb Protocol"
"URL Protocol"=""

[HKEY_CLASSES_ROOT\smb\shell]

[HKEY_CLASSES_ROOT\smb\shell\open]

[HKEY_CLASSES_ROOT\smb\shell\open\command]
@="\"C:\\smb.bat\" \"%1\""

然后在您的 C 文件夹中创建 smb.bat 文件，其中包含:

And then create the smb.bat file in your C-folder, containing this:

@echo off
cd C:\
set url=%~dpnx1
explorer \%url:~7%
exit

我的问题:这有多安全，以及对此有何其他想法?除了 file://///我的意思.

My question: how safe is this, and any other thoughts on the matter? Besides the file:///// thing I mean.

推荐答案

对我来说，它看起来该死很危险，因为它允许任何网站放置\\RESOURCENAME"URL，无论上下文如何都可以工作，如果您单击这样的链接，将调用 smb.bat.我并不完全理解批处理语法(尤其是 ~ 部分)，但在我看来，可以将任何类型的参数传递给 explorer.exe.

To me, it looks damn dangerous because it allows any website to place "\\RESOURCENAME" URLs, which will work regardless of context, and smb.bat will be called if you click such a link. I don't entirely understand the batch syntax (the ~ part especially) but it seems to me it's possible to pass any kind of argument to explorer.exe.

可能没有直接的危险，因为外部攻击者不太可能猜到您已经设置了此设置.不过，它不是安全的.

There's probably no immediate danger because it's very unlikely an outside attacker would guess you have this set up. Still, safe it's not.

这篇关于将 SMB 添加到 Windows，这有多安全?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！