Re: Problems on the DOS-Prompt

[Oliver.Karow () gmx de]

Hi,

maybe the problem is that you started NC in the LogonSession of the SYSTEM
Account, which is in most cases the Account in which the IIS prozess is
running. (This depends on the exploit you are using ;)

The system account has nor permissions outside of the local system. Which
means you can't use some of the NET-Commands.

Best regards,

Oliver


> Hi,
>
> I seem to habe problems with a netcat-bindshell on a plain-vanilla
> NT4SP6a. 
>
> I can execute some commands, but some fail. 
>
> E.g., I thought I could map drives with NET USE - but I only get some 
> 4-digit error-code.
> I can upload files, get the SAM via rdisk, restart IIS etc. 
>
> Even with hk.exe, NET USE fails. Is there an explanation ? 
>
> Thanks in advance, 
>
> Rainer
> -- 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Rainer Duffner                   Munich
> rainer () ultra-secure de          Germany
> http://www.i-duffner.de        Freising
> ========================================
>     When shall we three meet again
>   In thunder, lightning, or in rain?
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
> see:
> https://alerts.securityfocus.com/

-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/