Re: Temporary user rights

From: Aaron N. Cutshall (acutshall@elsallc.com)
Date: 05/13/02 

From: "Aaron N. Cutshall" <acutshall@elsallc.com>
Date: Mon, 13 May 2002 14:36:11 -0500

Asheesh,

McAfee Anti-Virus would not let me use this program because it identified it
as a security "exploit". I guess that I'll have to find other means.

Aaron

"Aaron N. Cutshall" <acutshall@elsallc.com> wrote in message
news:#5K0EvC#BHA.1916@tkmsftngp04...
> That merits investigation. I appreciate you passing it on.
>
> Aaron
>
> "Asheesh Laroia" <pan-news@asheeshenterprises.com> wrote in message
> news:KUCC8.38409$2G1.13304764@typhoon.nyroc.rr.com...
> > In the logon script:
> >
> > (Extract ERunAs2X from debploit, found at
> > http://www.anticracking.sk/EliCZ/bugs/DebPloit.zip)
> >
> > erunas2x <command>
> >
> > That will run the <command> with local SYSTEM privileges. <command>
> > should be the time-update command you were going to put in the script
that
> > needs to run as local SYSTEM.
> >
> > This is considered a bug by some, but MS hasn't responded to it in the
> > months for which it has been available, so maybe they consider it a
> > feature. If they do release an update that breaks it, then this will
fail
> > then. The only other methods of which I know involve putting a local
> > Administrator password in a world-readable file that is read by the
> > script, passed to WinNT's RunAs program.
> >
> > -- Asheesh.
> >
> > On Thu, 09 May 2002 16:07:17 -0400, Aaron N. Cutshall wrote:
> >
> > > I would like to temporarily change a user's rights to allow a user to
> > > update the system time on the local workstation to match the server,
> > > then remove the privilege to prevent tampering. This would normally
be
> > > executed during the user's login script. How can I execute something
> > > with temporary administrative privileges?
>
>

Relevant Pages

  • Re: Temporary user rights
    ... > In the logon script: ... > needs to run as local SYSTEM. ... How can I execute something ... >> with temporary administrative privileges? ...
    (microsoft.public.win2000.security)
  • Re: Temporary user rights
    ... In the logon script: ... needs to run as local SYSTEM. ... How can I execute something ... > with temporary administrative privileges? ...
    (microsoft.public.win2000.security)
  • Re: Will Linux become as vulnerable as MS ??
    ... > beeing vulnerable to viruses. ... > that they know are executable, and execute intentionally. ... >> Linux, each distro is a little different, and even within the distro, ... > Since clicking on a script is easier than typing it's name, ...
    (comp.os.linux.security)
  • Re: [Full-Disclosure] ColdFusion cross-site scripting security vulnerability of an error page
    ... > execute the arbitrary javascript and HTML code which the attacker ... > It is possible to display the contents transmitted from the client ... > cross-site scripting attack can be executed. ... the script will be executed when the script for an attack ...
    (Full-Disclosure)
  • CGIscript.net - csMailto.cgi - Remote Command Execution
    ... CGIscript.net - csMailto.cgi - Remote Command ... csMailto is a perl cgi formmail script developed by ... execute command on server and mail output to anyone ...
    (Bugtraq)