Penetration Testing mailing list archives
Re: [PEN-TEST] Expand right under Win2K
From: "Pascal C. Kocher" <pascal.kocher () NETBEAT-SECURITY CH>
Date: Wed, 10 Jan 2001 14:46:24 +0100
Hi all
The only things that are possible are: 1) There is a known privilege escalation vulnerability that can be exploited with local unprivileged access. The attacker can download and run that code to gain Administrator access. 2) Brute force attack against accounts with local Administrator privilege. 3) Look for vulnerabilities in other systems that the web server can talk to. Some of those may expose Domain accounts with Administrator privilege on the web server or other systems that are trusted by the web server.
A possibility is to schedule the start of an application (netcat) per AT command. Even under win2k it will be run as SYSTEM. Regards, Pascal.
Current thread:
- [PEN-TEST] Expand right under Win2K Foldi Tamas (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Charlie Rhodes (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Paul Cardon (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Julian Linton (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Nelson Brito (a.k.a. stderr) (Jan 10)
- Re: [PEN-TEST] Expand right under Win2K Paul Cardon (Jan 10)
- Re: [PEN-TEST] Expand right under Win2K Tamas Foldi (Jan 10)
- Re: [PEN-TEST] Expand right under Win2K Julian Linton (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Nelson Brito (a.k.a. stderr) (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Nelson Brito (a.k.a. stderr) (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Paul Cardon (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Pascal C. Kocher (Jan 10)
- Re: [PEN-TEST] Expand right under Win2K Charlie Rhodes (Jan 09)
- <Possible follow-ups>
- Re: [PEN-TEST] Expand right under Win2K Edwards, David (JTD) (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Complx1 * (Jan 09)
- Re: [PEN-TEST] Expand right under Win2K Edwards, David (JTD) (Jan 10)
- Re: [PEN-TEST] Expand right under Win2K Complx1 * (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Beauregard, Claude Q (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Nelson (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Barber, Chris (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Oliver Friedrichs (Jan 11)
- Re: [PEN-TEST] Expand right under Win2K Aidan O'Kelly (Jan 15)