i use nitro pdf software's PrimoPDF to convert files into pdf documents. but once upon a time, when PrimoPDF asked me where to save the pdf document, i saved the file to the desktop. then i checked the desktop and the pdf was nowhere to be found. so i tried printing again, and the save as dialog box showed that the file actually was already on the desktop. weird! refreshed the desktop, still not there.
so i right clicked the file from within the save as dialog, and went to properties to confirm that the file was on my desktop.
i am on a restricted user account. how did i save a file to a file in system32? it looks like the desktop button is mapping to the system's desktop. weird! the full path to the file was C:\WINDOWS\system32\config\systemprofile\Desktop.
i suspected PrimoPDF might be running as the SYSTEM. and it was...
what's the big deal, you might ask?
on a pc with primopdf installed, all users have admin access and can easily make themselves administrators. D=
let me show you how you can make yourself an administrator on a limited user account on a computer with primopdf installed.
1. print something. anything. choose "PrimoPDF" as the printer.
2. click "Create PDF" when PrimoPDF appears.
3. when prompted to save the pdf, type this in the file name field: c:\windows\system32\*.exe
4. hit "enter", and find "cmd" in the list.
5. right click on "cmd", and click "open".
6. you now have a command prompt running as the system!
7. now, promote yourself to have access to everyone else's files! just type this:
net localgroup administrators /add "%username%"
my friends can log on to my computer using the guest account, make themselves an admin account and delete all my stuff. my dad's accountant can remote desktop onto my dad's computer, promote themselves and steal all our company's secrets. thanks nitro!
luckily, there are many more free pdf creators. see all these great alternatives to nitro's software:
http://alternativeto.net/software/primopdf/
