[Dailydave] Vista speech recognition

Rich Mogull rmogull-dd at securosis.com
Tue Jan 30 20:05:31 EST 2007


I just tested this on Vista and it works.

Running Vista Ultimate in Parallels on my Mac I enabled voice  
commands, then recorded a simple command and played it back. Using  
the mic and speakers on my Mac the commands executed. Sound quality  
was actually terrible because of poor Vista performance in the VM.

But UAC seems to stop it. At the suggestion of Dave Maynor I tried to  
create a new user account. The usual UAC window popped up and no  
voice commands seemed to work.

I suspect anything that avoids the "final" (greyed out background)
UAC dialogs will work, but it looks like UAC stops it. At least in my
quick test...

-rich


On Jan 30, 2007, at 2:27 PM, George Ou wrote:

> Voice command is autoloaded if you calibrate the system and enable  
> Voice commands.  You can actually activate voice command mode by  
> saying a certain phrase.  If this exploit works, you could say that  
> phrase first and then start your commands.  Then you'd say "start",  
> "cmd", "enter", then bark out the commands you want.  This assumes  
> it works and that no one near the PC gets suspicious :).
>
>
> George
>
> From: dailydave-bounces at lists.immunitysec.com [mailto:dailydave-bounces at lists.immunitysec.com] On Behalf Of Dave Aitel
> Sent: Tuesday, January 30, 2007 12:48 PM
> To: dailydave at lists.immunitysec.com
> Subject: Re: [Dailydave] Vista speech recognition
>
> That's a great idea! If the Microsoft people have thought of it, no
> doubt they ignore any sound coming out of the speakers, so you'll
> have to rely on an echo effect. Essentially you can always win if
> your model of the acoustic properties of the room is better than
> Vista's. :> Many speech recognition systems I've seen require the
> user to press a button first, of course. :> I haven't tested
> Vista's. I have, however, gotten CANVAS working on Vista
> (http://www.immunityinc.com/images/CANVAS_on_Vista.png). So far I recommend
> it over Windows XP SP2 because I think they removed that broken
> limitation from the TCP stack where you could only make 5
> connections at once.
>
> Also, here is an article about Evgeny! OK. Not entirely about
> Evgeny. Mostly about people buying bugs. For someone whose wife is
> a lawyer in this field, there's a lot of "apparently legal" talk in
> it. It's just plain legal! Everybody deal.
> http://www.nytimes.com/2007/01/30/technology/30bugs.html?pagewanted=1&_r=1
>
> -dave
>
> On 1/30/07, Sebastian Krahmer <krahmer at suse.de> wrote:
>
> Hi,
>
> I am in no way a Win expert but recently I read that
> Vista will support commands as they are spoken by the user.
> What about websites where the browser is playing wav or similar
> audio files upon visiting? What if they contain spoken
> commands? An exploit audio file which speaks something like
> 'open shell' would be cool, eh?
>
> Sebastian
>
>
> --
> ~
> ~ perl self.pl
> ~ $_='print"\$_=\47$_\47;eval"';eval
> ~ krahmer at suse.de - SuSE Security Team
> ~
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
