Penetration Testing mailing list archives

Re: Accessing registry through command line


From: Penetration Testing <pentest () infosecure com au>
Date: Mon, 8 Oct 2001 15:21:08 -0800 (GMT+8)

On Thu, 4 Oct 2001, Esmerelda Fruitenschlein wrote:

> I have remote execution of code through a unicode vulnerability on an IIS
> box.  I need to know if there is a way to get registry keys using only
> command line tools that are on a default NT install.  (No file upload, not
> even using echo >, etc.)  Perhaps something using rundll or somesuch thing?


As the other responses have mentioned, regedit can be used to dump all or
portions of the registry.  I haven't had any luck using it to make changes
to the registry, as it pops up a confirmation dialog to the console about
the proposed changes.  I don't know of any way of controlling windowing
apps from the command line.

I found a tool (via Google) called simply "reg.exe" that does command line
reg edits without requiring console confirmation.  This has worked for me
in the past.

I doubt that you would be able to interface to rundll without having the
facility of loading _some_ code onto the box.

Regards,
Dave Taylor



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

