Vulnerability Development mailing list archives

Smashing Windows


From: "Nicholas R." <saint () lucifer at>
Date: Wed, 10 Apr 2002 18:45:53 -0700

While we're on the topic, I'm wondering what techniques and/or programs would be
of use to effectively audit Windows operating systems and services, specifically
NT-based ones?

For example, privilege escalation, buffer overflows, format strings within
local programs or system services. Other than a few documents on format strings
and buffer overflows, there isn't much information to help aid in the auditing
of programs specifically of importance to the Windows OS. Another main question
is how exactly are local privileges gained? For example, under Unix only
programs suid/sgid that are vulnerable can sometimes be exploited to gain root.
Would there be the same thing or something similar to this under an NT
environment? And if so, what?

Is there any information that I can be directed to that maybe I'm missing,
as well as programs and other criteria of importance? Also, are there such things
as race conditions under Windows? Signal exploitation? Or things under Windows
that can be exploited that can't under *nix, or vice versa?

Any light or reference to information on this topic, considering it is broad
in scope, would be greatly appreciated.


-- saint



