Penetration Testing mailing list archives
FW: Accessing registry through command line
From: pmawson () deloitte co nz
Date: Fri, 5 Oct 2001 10:59:45 +1200
regedit is nice. Allows you to import and export registry information to and from a text file. regedit /e c:\inetpub\wwwroot\registry.txt Will dump a copy of the registry to text file (all you have access to read anyway). When just view it with your browser. http://target/registry.txt Goes without saying this will be a VERY large file. It is possible to dump only parts of the registry with the regedit command. Can't remember how to do this off the top of my head. Have a look hear. http://www.microsoft.com/technet another good command to use with the Unicode exploit is winmsd /a /f This writes a system report to text file. This gives you a lot of really useful information. The text file will be the name of the computer and is written to your working directory. Note: This only works on IIS 4 (NT 4). If anyone knows of a way to get this information on windows 2000 please let me know. P -----Original Message----- From: Esmerelda Fruitenschlein [mailto:efruitenschlein () hotmail com] Sent: Friday, 5 October 2001 9:05 a.m. To: pen-test () securityfocus com Subject: Accessing registry through command line I have remote execution of code through a unicode vulnerability on an IIS box. I need to know if there is a way to get registry keys using only command line tools that are on a default NT install. (No file upload, not even using echo >, etc.) Perhaps something using rundll or somesuch thing? Thanks. Esmerelda Fruitenschlein, hacker extraordinaire _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ************************************************************ CAUTION: This e-mail and any attachment(s) contains information that is both confidential and possibly legally privileged. No reader may make any use of its content unless that use is approved by Deloitte separately in writing. Any opinion, advice or information contained in this e-mail and any attachment(s) is to be treated as interim and provisional only and for the strictly limited purpose of the recipient as communicated to us. Neither the recipient nor any other person should act upon it without our separate written authorisation of reliance. If you have received this message in error please notify us immediately and destroy this message. Thank you. Deloitte Touche Tohmatsu Internet: www.deloitte.co.nz ************************************************************ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Accessing registry through command line Esmerelda Fruitenschlein (Oct 04)
- Re: Accessing registry through command line Penetration Testing (Oct 09)
- Re: Accessing registry through command line Todd Ransom (Oct 09)
- <Possible follow-ups>
- FW: Accessing registry through command line pmawson (Oct 05)
- FW: Accessing registry through command line John Redd (Oct 07)
- Re: Accessing registry through command line steven.m.gill (Oct 09)
- Re: Accessing registry through command line Mike Sues (Oct 09)
- Re: Accessing registry through command line Penetration Testing (Oct 09)