Vulnerability Development mailing list archives

Re: dos commands via iis 4 (TFTP)-NETBIOS


From: Illes Marci <illes () C3 HU>
Date: Mon, 20 Nov 2000 23:37:26 +0100

On Sat, 18 Nov 2000, Paul Cardon wrote:

You seem to have completely missed the point even though MadHat
explained it clearly.  Your suggestion would result in nc.exe connected
to a command shell as IUSER_<MACHINE> which has very little privilege.
eeyerulez.asp performs a buffer overflow that results in SYSTEM level
access to the server.  The question you must ask is do you want to be a
luser on the system or do you want to 0wn it?

-paul

Hi,

IIS runs as SYSTEM user by default. I believe you gain SYSTEM level
access when starting an ncx.exe, for example. With system privilege you
really own the computer. You can do anything with that box, but nothing
with the network. Of course you can switch to some domain user, which is
more powerful in the network.

Marci

