Re: Windows Administrator access

---

• From: "ROB DIXON" <rdixon@xxxxxxxxxxxxxxx>
• Date: Mon, 27 Feb 2006 08:32:01 -0500

---

Hi Dillama,

Can we ask how you have gained access at this point? What technique are you demoing?

Robert L. Dixon, CSO
CHFI A+
State of West Virginia's
West Virginia Office of Techonology
Infrastructure Applications
Netware/GroupWise Administrator
Telephone: (304)-558-5472 ex.4225
Email:rdixon@xxxxxxxxxxxxxxx

Dillama <dillama@xxxxxxxxx> >>>

After gaining shell access to a Windows box, is there any way to show
administrator privilege without changing the config or uploading new
files?

I have to demo the ability to gain administrator access to a Win 2000
box, the catch is no changes on the box so adding a user or loading
whoami.exe from resource kit would not be options. Any suggestion here
would be appreciated.

Thanks

---
Dillama

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

---

• Prev by Date: Re: Snarf files from a sniff dump
• Next by Date: Re: Windows Administrator access
• Previous by thread: Re: Windows Administrator access
• Next by thread: RE: Windows Administrator access
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Qualys ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) RE: Pre-Scanning for Marketing ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... (Pen-Test) Re: Qualys ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) RE: New article on SecurityFocus (.WMF Vuln) ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) Re: Penetration test of 1 IP address ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2006-02