Penetration Testing mailing list archives
Re: Accessing registry through command line
From: <steven.m.gill () us pwcglobal com>
Date: Sun, 07 Oct 2001 17:54:25 -0400
You can use this syntax (I've done it several times on a pen-test) regedit -e <filename> <hive\key> So, say I want to pull the VNC keys so I can see the encrypted password, I can use this command: regedit -e vnckeys.reg HKEY_LOCAL_MACHINE\SOFTWARE\ORL (this will work provided your user has read privies over the key) You can then move the test.reg into to webroot so that you can download it. Regards, Steve Esmerelda Fruitenschlein To: pen-test () securityfocus com <efruitenschlein@ho cc: tmail.com> Subject: Accessing registry through command line 10/04/2001 05:05 PM I have remote execution of code through a unicode vulnerability on an IIS box. I need to know if there is a way to get registry keys using only command line tools that are on a default NT install. (No file upload, not even using echo >, etc.) Perhaps something using rundll or somesuch thing? Thanks. Esmerelda Fruitenschlein, hacker extraordinaire _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Accessing registry through command line Esmerelda Fruitenschlein (Oct 04)
- Re: Accessing registry through command line Penetration Testing (Oct 09)
- Re: Accessing registry through command line Todd Ransom (Oct 09)
- <Possible follow-ups>
- FW: Accessing registry through command line pmawson (Oct 05)
- FW: Accessing registry through command line John Redd (Oct 07)
- Re: Accessing registry through command line steven.m.gill (Oct 09)
- Re: Accessing registry through command line Mike Sues (Oct 09)
- Re: Accessing registry through command line Penetration Testing (Oct 09)