Re: sudo for windows

From: H Carvey (keydet89@yahoo.com)
Date: 07/30/01 

Date: 30 Jul 2001 10:59:06 -0000
Message-ID: <20010730105906.22740.qmail@securityfocus.com>
From: H Carvey <keydet89@yahoo.com>
To: focus-ms@securityfocus.com
Subject: Re: sudo for windows


> I am not sure why there is a problem
understanding this.

My lack of understanding primarily comes from the
fact that there hasn't been any real material to
understand. Vague generalizations, winks and
knods, do not lead to understanding.

> got rights to configure, and was able to add
> myself as an admin (of IIS), lock out other
admins, configure where
> directories are(i.e.web root directory changed
to c: or
> c:\winnt\system32\repair), copy off files with
password hashes for
> decryption, etc.

This sounds to me as if you were able to gain
complete admin access to the system. It's not
clear if it was through the operating system or
through an issue with the web server. However, in
order to do the things you mention, you'd have to
have at least Admin-level access...accessing the
metabase (changing root dir), etc.

> Sorry I can't be more specific at this time -
not because of 'script
> kiddies', but because of confidentiality -

So talking about what you did and you did it is
the issue? You state above that you have no
problems with being specific due to script
kiddies. No one ever asked for whom you'd done
these tests...that's one of those unwritten
taboos, you know.

All I had asked was how you had accomplished what
you had claimed to have done. If it was so
terribly easy for you, I'd like to check out the
servers at work and make sure that they are
protected as best as possible. I had thought that
since we'd worked together in the past, you would
be willing to do so, even if via personal email.

> The point is having configuration rights to IIS,
etc - not just directory traversal rights.

I understand. My question had been...how did you
go about doing this? Again, the company I work
for does web hosting and collocation...if you are
willing to share the information, and it's not
simply a gross configuration error, then I could
use that information to increase the level of
security on the systems.

> If I can give myself copy and
> execute privileges in system32, or repair, what
more could I ask?

SYSTEM-level privileges?

Thanks,

Carv

Relevant Pages

  • Re: the free software paradigm [was Re: Amazon used lisp & C exclusively?
    ... of everyone understanding what the group expectation is, ... How can it be that every time we talk about making money back, ... Even the copyright law itself, in its modern incarnation, has a bizarre ... would just make you sign away both sets of rights before giving you money. ...
    (comp.lang.lisp)
  • Re: What User Logged In When No User Log In?
    ... Every group has its 'lingo'. ... important than understanding how numbers work, ... And why do they put Admin in the word? ... "problem solving", I was able to go play two hours of basketball.] ...
    (microsoft.public.win32.programmer.kernel)
  • Re: Legitimacy of UK titles following abdication
    ... Not only understanding the word used in a sentence, ... When King Edward VIII ... tranferring such rights to the next person in the line of succession. ... House of Commons. ...
    (alt.talk.royalty)
  • Re: Legitimacy of UK titles following abdication
    ... Not only understanding the word used in a sentence, ... When King Edward VIII ... tranferring such rights to the next person in the line of succession. ... Discussions were conducted between the new king, George VI, and other ...
    (alt.talk.royalty)
  • Re: Pictures of Commvex Attendies..
    ... There was certainly no explicit ... understanding of any rights reserved on this video to my understanding. ...
    (comp.sys.cbm)