Bugtraq mailing list archives
Inside GetAdmin
From: mark () ntshop net (Mark Joseph Edwards)
Date: Tue, 8 Jul 1997 10:27:54 -0500
The nature of the getadmin bug is in the following API calls: ChangeNtGlobalFlag(GetNtGlobalFlagPtr()); The above code creates the exploit. The GetNtGlobalFlagPtr() can be replaced with a fix pointer, eliminating the need for READ access to the ntoskrnl.exe, making it much tougher to defend against, while at the same time, making it far less portable across NT systems. Mark
Current thread:
- Re: Solaris 2.5.1 party piece, (continued)
- Re: Solaris 2.5.1 party piece Casper Dik (Jul 03)
- Vulnerability in websendmail Razvan Dragomirescu (Jul 04)
- tar-error inter (Jul 05)
- Solution to MacDNS problem (keywords MacDNS DNS Macintosh Dan Brown (Jul 07)
- Vulnerability in websendmail (fwd) Julian Assange (Jul 07)
- Alert: Utility allows any user to become a member of local Admini Aleph One (Jul 08)
- Re: Vulnerability in websendmail Randal Schwartz (Jul 08)
- SGI Security Advisory 19970502-02-PX - xlock Vulnerability SGI Security Coordinator (Jul 08)
- Buffer Overflows exploit for SunOS 4.1.4 Willy TARREAU (Jul 08)
- GetAdmin NT exploit Christopher Klaus (Jul 08)
- Inside GetAdmin Mark Joseph Edwards (Jul 08)
- Fw: Reported Proxy-Netscape Bug Mark Joseph Edwards (Jul 08)