Full Disclosure mailing list archives

Re: Undeletable user account.


From: Jeremy Bishop <requiem () praetor org>
Date: Tue, 3 Jan 2006 15:28:59 -0800

On Tuesday 03 January 2006 13:54, James Bower wrote:
> Hi all, one of my servers has recently been compromised.  No surprise
> but the hacker created himself a user account.  The problem is that I
> can't seem to delete the account.  The account is not part of any

To be entirely snippy, the problem isn't the undeletable account.  That 
falls into the "amusing puzzle" category.  The problem is that you are 
attempting to clean up the machine instead of rebuilding from 
known-good media.

I'm sure you have a very good reason for doing this, and I'm just making 
the assumption that the Windows culture has less awareness that this is 
generally a Bad Idea.

As for the user account, I suspect that it can be deleted in much the 
same way one would go about deleting the local administrator account.  
Have a link: http://www.kuro5hin.org/story/2004/7/4/7570/05276

Jeremy

-- 
The Write Many, Read Never drive.  For those people that don't know
their system has a /dev/null already.
              -- Rik Steenwinkel, singing the praises of 8mm Exabytes
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

