Penetration Testing mailing list archives
RE: Boot floppy
From: "Scott Ramsdell" <Scott.Ramsdell () cellnet com>
Date: Wed, 11 Apr 2007 10:17:06 -0400
Mifa,

I assume you're not in a domain, so you don't have admin privs on the box. (If you are in a domain, sounds like this person needs their own GPO.)

I've used this tool to blank out admin passwords many times: http://home.eunet.no/pnordahl/ntpasswd/

Once you have the admin account, use psexec as Zed suggests, or any suitable method. If the remote registry service is enabled you're set. If not, start it.

You don't have to launch software from the run keys. Check out Andrew Aronoff's Silent Runners for a list of all the locations you can launch programs from. If the user is security conscious, likely he knows enough to set the local policy to disallow changes to run and runonce.

This method requires rebooting, which you suggest you don't want to do. However, it is a boot disk which you also asked for?!

Kind Regards,
Scott Ramsdell
CISSP, CCNA, MCSE
Security Network Engineer

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Zed Qyves
Sent: Wednesday, April 11, 2007 1:42 AM
To: Mifa; pen-test () securityfocus com
Subject: Re: Boot floppy

Why do you think you have to go to such extremes if it is a company PC? If he is TAKING the PC home instead of HAVING HIS PC at home all the time, next time the PC is at company - and you're authorised to perform such a thing - take it apart...

If on the other hand you want to spy on that user and see what he is doing with his files I suggest checking with the company's legal department before doing anything else.

And finally, sounds like a job for psexec...

On 4/10/07, Mifa <mifa () stangercorp com> wrote:

We have a user who takes a company computer home with them (no, it's not a laptop). We have a good reason to need to look at their files. However, we want to do so without that employee knowing. They seem to know something about security because auto runs is disabled and the workstation is always locked with a third party software. Inserting a U3 drive will not run a program either. Are there any programs that will boot from a floppy then copy a program to the C drive then write an auto start entry into the registry? This was the only way I can think of to get the user to install a program.

Any other ideas how we might gain access? It has to be fast (bathroom breaks etc.). I don't have time to load a live CD. Further, rebooting would cause the user to lose work.
------------------------------------------------------------------------
This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Current thread:
- Boot floppy Mifa (Apr 10)
- Re: Boot floppy Clint P. Garrison MBA, CISSP, QSA (Apr 10)
- Re: Boot floppy Shreyas Zare (Apr 10)
- Re: Boot floppy jasper . o . waale (Apr 11)
- 答复: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org Cony.Zhou (Apr 11)
- Re: Boot floppy Chris Zevlas (Apr 11)
- Re: Boot floppy Curt Purdy (Apr 13)
- Re: Boot floppy jasper . o . waale (Apr 11)
- Re: Boot floppy berg (Apr 10)
- Re: Boot floppy Zed Qyves (Apr 11)
- RE: Boot floppy Scott Ramsdell (Apr 11)
- Re: Boot floppy Tim (Apr 11)
- Re: Boot floppy Anders Thulin (Apr 11)
- RE: Boot floppy Marvin Simkin (Apr 11)
- RE: Boot floppy Pretorius, Wynand (ZA - Johannesburg) (Apr 11)
- Re: Boot floppy Sat Jagat Singh (Apr 11)
- Re: Boot floppy Danyelle Gragsone (Apr 11)
- Re: Boot floppy Jamie Riden (Apr 11)
- Re: Boot floppy Juergen Fiedler (Apr 11)
- RE: Boot floppy Wiedemann, Adrian (Apr 11)
- <Possible follow-ups>
- RE: Boot floppy Mifa (Apr 13)
(Thread continues...)