Re: hacking win2kPro out of the box

[H Carvey <keydet89 () yahoo com>]

In-Reply-To: <285472c90412030724661edaf9 () mail gmail com>


> Does anyone have any information on common attacks for local
> priviledge escalation, and ways to secure against these?

Google is your friend:
http://www.google.com/search?hl=en&q=%22Windows+2000%22+OR+%22Win2K%22+AND+%22privilege+escalation%22

Also, Google for "ntpasswd".  

> The sort of thing I'm looking for is a detail of an attack, followed
> by the procedure(s) I would use to:
>
> a) recover from it if neccessary
> b) thwart future attacks of it's type.

The answer for "b" is easy...secure local access, in particular, physical access to the system.

> I basically want to swap roles between hacker and sysadmin so I can
> learn more about the best of both worlds.

Again, start w/ Google. 

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com