Re: Accessing registry through command line

From: Penetration Testing (pentest@infosecure.com.au)
Date: 10/09/01


Date: Mon, 8 Oct 2001 15:21:08 -0800 (GMT+8)
From: Penetration Testing <pentest@infosecure.com.au>
To: Esmerelda Fruitenschlein <efruitenschlein@hotmail.com>
Subject: Re: Accessing registry through command line
Message-ID: <Pine.LNX.4.21.0110081508230.4494-100000@gateway.infosecure.com.au>

On Thu, 4 Oct 2001, Esmerelda Fruitenschlein wrote:

> I have remote execution of code through a unicode vulnerability on an IIS
> box. I need to know if there is a way to get registry keys using only
> command line tools that are on a default NT install. (No file upload, not
> even using echo >, etc.) Perhaps something using rundll or somesuch thing?
>

As the other responses have mentioned, regedit can be used to dump all or
portions of the registry. I haven't had any luck using it to make changes
to the registry, as it pops up a confirmation dialog to the console about
the proposed changes. I don't know of any way of controlling windowing
apps from the command line.

I found a tool (via google) called simply "reg.exe" that does command line
reg edits without requiring console confirmation. This has worked for me
in the past.

I doubt that you would be able to interface to rundll without having the
facility of loading _some_ code onto the box.

Regards,
Dave Taylor

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • Accessing registry through command line
    ... I have remote execution of code through a unicode vulnerability on an IIS ... I need to know if there is a way to get registry keys using only ... command line tools that are on a default NT install. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Accessing registry through command line
    ... Accessing registry through command line ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Starting a Systemwide App on boot?
    ... Why not use the registry? ... select the SYSTEM account when you define events in Task Scheduler. ... You'll have to use the 'at' command in a command shell. ...
    (microsoft.public.windowsxp.general)
  • Re: cleanup after malware/trojan/virus
    ... See if Start, Run, COMMAND works - it probably will. ... When you get into the registry, ... Highlight the Drivers32 folder on the left and observe the contents ... Specifically open the exported file with a text editor. ...
    (microsoft.public.windowsxp.help_and_support)
  • FW: Accessing registry through command line
    ... regedit is nice. ... Will dump a copy of the registry to text file (all you have access to read ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)