Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE: Microsoft RDP Priv. Escalation

From: Yousif () Vapt-Sec com
Date: 9 Apr 2008 03:04:13 -0000
Thor - Did you consider trying this out or did you merely read? Uploading .RDP files for direct access via the web is 
obviously wrong, but that's beyond the point of this entire insecurity, and you my friend are not comprehending it. The 
information about the insecurity isn't illegal as I did not use valid information from any .RDP connection file. The 
cmd.exe thing is simply an example. Other applications that wouldn't normally execute can be executed with this as 
well. The escalation is the ability to run applications you shouldn't be able to with such an account. It's under the 
privileges of the user, but the idea is, those privileges don't allow you to execute certain programs. Through that, 
you can.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: