Vulnerability Development mailing list archives
Re: dos commands via iis 4 (TFTP)-NETBIOS
From: "Loschiavo, Dave" <DLoschiavo () FRCC CC CA US>
Date: Tue, 21 Nov 2000 06:09:34 -0800
When you execute commands/access files through the IIS web interface, you are acting in the context of IUSER_<MACHINE>. By default this account installs as either a local guest (on a member server) or a domain guest (on a domain controller). -----Original Message----- From: Illes Marci To: VULN-DEV () SECURITYFOCUS COM Sent: 11/20/00 2:37 PM Subject: Re: dos commands via iis 4 (TFTP)-NETBIOS On Sat, 18 Nov 2000, Paul Cardon wrote:
You seem to have completely missed the point even though MadHat explained it clearly. Your suggestion would result in nc.exe
connected
to a command shell as IUSER_<MACHINE> which has very little privilege. eeyerulez.asp performs a buffer overflow that results in SYSTEM level access to the server. The question you must ask is do you want to be
a
luser on the system or do you want to 0wn it? -paul
Hi, IIS runs as SYSTEM user by default. I belive you gain SYSTEM level access, when starting an ncx.exe for example. With system privilege you really own the computer. You can do anything with that box, but nothing with the network. Of course you can switch to some domain user, which is more powerfull in the network. Marci
Current thread:
- Re: dos commands via iis 4 (TFTP)-NETBIOS Zoa_Chien (Nov 19)
- <Possible follow-ups>
- Re: dos commands via iis 4 (TFTP)-NETBIOS Loschiavo, Dave (Nov 22)