Re: remote privilege escalation

From: Javier Liendo (javier@liendo.net)
Date: 01/09/03

  • Next message: noconflic: "Re: remote privilege escalation"
    Date: Wed, 8 Jan 2003 15:11:16 -0800 (PST)
    From: Javier Liendo <javier@liendo.net>
    To: Jeremy Bartels <Jeremy.Bartels@allsecure-it.com>, pen-test@securityfocus.com
    
    

    hello

    have you tried

    http://www.digitaloffense.net/archives/iissystem/

    regards

    javir

    --- Jeremy Bartels <Jeremy.Bartels@allsecure-it.com>
    wrote:
    > Hi All,
    >
    > Can someone please tell me how I go about escalating
    > my privileges to SYSTEM
    > remotely on a windows 2000 Server SP1 'out of the
    > box' installation.
    >
    > I can do it when I am sitting in front of the PC
    > with ERunAs2X.exe
    > if I try to use ErunAs2X remotely with: ERunAs2X.exe
    > "nc.exe -l -p
    > 50000 -d -e cmd.exe"
    > I get the error:
    >
    > The application failed to initialize properly
    > (0xc0000142). Click on OK to
    > terminate the application.
    >
    > the title bar of the windows says: cmd.exe -
    > Application error
    >
    > does anyone have any ideas?
    >
    > Cheers
    >
    > Jeremy
    >
    >
    >
    >
    ----------------------------------------------------------------------------
    > This list is provided by the SecurityFocus Security
    > Intelligence Alert (SIA)
    > Service. For more information on SecurityFocus' SIA
    > service which
    > automatically alerts you to the latest security
    > vulnerabilities please see:
    > https://alerts.securityfocus.com/
    >

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/



    Relevant Pages

    • Re: Arp spoofing & dsniff
      ... If I am on a Switched network and I change my MAC ... For more information on SecurityFocus' SIA ... This list is provided by the SecurityFocus Security Intelligence Alert ...
      (Pen-Test)
    • Re: SQL INJECTION IN Coldfusion
      ... UNION file.cfm?id=4567 UNION SELECT TOP 3 FROM mrro-- ... >> Intelligence Alert ... For more information on SecurityFocus' SIA ...
      (Pen-Test)
    • Re: Citrix pentesting ideas
      ... >testing on Linux and Solaris these dont work as I ... For more information on SecurityFocus' SIA ... This list is provided by the SecurityFocus Security Intelligence Alert ...
      (Pen-Test)
    • Re: remote privilege escalation
      ... For more information on SecurityFocus' SIA ... > Intelligence Alert Service. ... automatically alerts you to the latest security vulnerabilities please see: ...
      (Pen-Test)
    • Re: Remote shell on Win9X - Summary
      ... >> Donate cash, emergency relief information ... >>- This list is provided by the SecurityFocus ... > Security Intelligence Alert ... >> (SIA) Service. ...
      (Pen-Test)