FW: Accessing registry through command line

From: pmawson@deloitte.co.nz
Date: 10/05/01


Message-ID: <29A3C0F686EE3E408BBAEF6668DBC8A2014D2AA3@nzakl0400>
From: pmawson@deloitte.co.nz
To: pen-test@securityfocus.com
Subject: FW: Accessing registry through command line
Date: Fri, 5 Oct 2001 10:59:45 +1200 


regedit is nice.
Allows you to import and export registry information to and from a text
file.

regedit /e c:\inetpub\wwwroot\registry.txt

Will dump a copy of the registry to text file (all you have access to read
anyway).
Then just view it with your browser.

http://target/registry.txt

Goes without saying this will be a VERY large file.

It is possible to dump only parts of the registry with the regedit command.
Can't remember how to do this off the top of my head. Have a look here.
http://www.microsoft.com/technet

Another good command to use with the Unicode exploit is

winmsd /a /f

This writes a system report to text file.

This gives you a lot of really useful information.

The text file will be the name of the computer and is written to your
working directory.

Note: This only works on IIS 4 (NT 4).

If anyone knows of a way to get this information on Windows 2000 please let
me know.

P

-----Original Message-----
From: Esmerelda Fruitenschlein [mailto:efruitenschlein@hotmail.com]
Sent: Friday, 5 October 2001 9:05 a.m.
To: pen-test@securityfocus.com
Subject: Accessing registry through command line

I have remote execution of code through a unicode vulnerability on an IIS
box. I need to know if there is a way to get registry keys using only
command line tools that are on a default NT install. (No file upload, not
even using echo >, etc.) Perhaps something using rundll or somesuch thing?

Thanks.

Esmerelda Fruitenschlein, hacker extraordinaire


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
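For defenders, the regedit /e technique in the message above leaves a registry export sitting in a web-served directory. The following is an added example, not part of the original thread: it walks a web root and flags files that begin with a regedit export header, whatever they are named. The function names and the sample directory contents are constructed for illustration.

```python
import os
import tempfile

# Headers regedit writes at the start of an export:
# NT 4 uses ANSI "REGEDIT4"; Windows 2000 and later default to
# UTF-16LE (with BOM) "Windows Registry Editor Version 5.00".
SIGNATURES = (
    b"REGEDIT4",
    b"\xff\xfe" + "Windows Registry Editor Version 5.00".encode("utf-16-le"),
)

def looks_like_registry_export(path):
    """Return True if the file starts with a regedit export header."""
    with open(path, "rb") as fh:
        head = fh.read(128)
    return any(head.startswith(sig) for sig in SIGNATURES)

def find_registry_exports(webroot):
    """Return sorted relative paths of export-like files under webroot."""
    hits = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                if looks_like_registry_export(full):
                    hits.append(os.path.relpath(full, webroot))
            except OSError:
                continue  # unreadable or locked file: skip it
    return sorted(hits)

def build_sample_webroot():
    """Create a constructed sample web root in a temp directory."""
    root = tempfile.mkdtemp(prefix="wwwroot-")
    v5 = "Windows Registry Editor Version 5.00\r\n".encode("utf-16-le")
    samples = {
        "default.htm": b"<html>hello</html>",
        "registry.txt": b"REGEDIT4\r\n\r\n[HKEY_LOCAL_MACHINE\\SOFTWARE\\Example]\r\n",
        os.path.join("images", "logo.gif"): b"\xff\xfe" + v5,  # renamed export
        "notes.txt": b"how to read REGEDIT4 files\r\n",  # mentions, not an export
    }
    for rel, data in samples.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for hit in find_registry_exports(build_sample_webroot()):
        print("registry export in web root:", hit)
```

Pointing find_registry_exports at the real document root (c:\inetpub\wwwroot in the message) lists any export left there, including ones renamed to look like other content.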