RE: priviledge escalation techniques

[BSK <bishan4u () yahoo co uk>]

> prefetch stores.  If you look in the
> C:\WINDOWS\Prefetch directory you
> will see all the recently loaded executable files
> stored in a prefetch
> format.

well surprisingly there is no Prefetch directory
anywhere in my windows 2000 proff. and server

> If you open a dos prompt and (make a backup of the
> sethc.exe file
> warning here) copy cmd.exe to sethc.exe, answering
> that yes, you do want
> to overwrite the original, you will see the new
> sethc.exe in an explorer
> window with a cmd.exe icon.  Now, if you delete
> that, windows will
> restore sethc.exe but with a cmd.exe icon (note the
> file sizes).  When
> done this way, pressing shift 5 times will indeed
> open a cmd prompt.  

Yes, windows replaces the file as u mentioned but
still doesn't open anything on 'shift' 5 times :(


        
        
                
___________________________________________________________ 
ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com