Penetration Testing mailing list archives
Re: Accessing registry through command line
From: Penetration Testing <pentest () infosecure com au>
Date: Mon, 8 Oct 2001 15:21:08 -0800 (GMT+8)
On Thu, 4 Oct 2001, Esmerelda Fruitenschlein wrote:
I have remote execution of code through a unicode vulnerability on an IIS box. I need to know if there is a way to get registry keys using only command line tools that are on a default NT install. (No file upload, not even using echo >, etc.) Perhaps something using rundll or somesuch thing?
As the other responses have mentioned, regedit can be used to dump all or portions of the registry. I haven't had any luck using it to make changes to the registry, as it pops up a confirmation dialog to the console about the proposed changes. I don't know of any way of controlling windowing apps from the command line. I found a tool (via google) called simply "reg.exe" that does command line reg edits without requiring console confirmation. This has worked for me in the past. I doubt that you would be able to interface to rundll without having the facility of loading _some_ code onto the box. Regards, Dave Taylor ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Accessing registry through command line Esmerelda Fruitenschlein (Oct 04)
- Re: Accessing registry through command line Penetration Testing (Oct 09)
- Re: Accessing registry through command line Todd Ransom (Oct 09)
- <Possible follow-ups>
- FW: Accessing registry through command line pmawson (Oct 05)
- FW: Accessing registry through command line John Redd (Oct 07)
- Re: Accessing registry through command line steven.m.gill (Oct 09)
- Re: Accessing registry through command line Mike Sues (Oct 09)
- Re: Accessing registry through command line Penetration Testing (Oct 09)