![pen-test logo](/images/pen-test-logo.png)
Penetration Testing mailing list archives
Re: IIS & w2k
From: Tom Fischer <Tom.Fischer () rus uni-stuttgart de>
Date: Mon, 4 Jun 2001 21:54:56 +0200
Hi, On Mon, Jun 04, 2001 at 09:49:05AM -0500, Luis Javier Perez wrote:
I'm actually doing a pt, and i'm facing a trouble, the scenario has a web server with w2k and iis 5.0, now i have put netcat listening on port 99 and i can browse files and stuff like that but i need to scale privileges, i tried hk but it fails.. is there something like hk for win2k???
elevation of previleges on Windows 2000: - MS00-053 (Service Control Manager Named Pipe Impersonation) exploitcode (adds the current user to the local administrator group) is available (pipeupadmin) - MS01-007 (Network DDE Agent Request ...) proof of concept code available (http://www.atstake.com) - Gunsiki #45 (Elevation of privileges with debug registers on Win2K) proof of concept code (http://www.guninski.com/dr07.html) ... ciao, Tom Fischer
Current thread:
- IIS & w2k Luis Javier Perez (Jun 04)
- Re: IIS & w2k Tom Fischer (Jun 05)
- <Possible follow-ups>
- RE: IIS & w2k Read, Greg (Jun 04)
- RE: IIS & w2k Yonatan Bokovza (Jun 04)
- Re:IIS & w2k renato.ettisberger (Jun 05)