Vulnerability Development mailing list archives
generic privellage escalation
From: "Ben Greenberg" <benfallout2 () hotmail com>
Date: Wed, 31 Dec 2003 18:00:06 -0500
Are there any papers out there that detail a generic method for privellage escalation. specifically the following situations are ones in which id like to know a method for always escalating privellages; when i do security audits i always want to show the full extent of the vulnerability:
specifically ------ability to execute commands one at a time statelessly through the url, and with a response to the browser ESCALATE TO a netcat created port for connecting to a shell
-also is there any document with generically applicable php, asp, server side include command execution/privellage escalation?
thanks--if anyone could point me to anything like this it would make things a lot easier for me.
ben _________________________________________________________________Get reliable dial-up Internet access now with our limited-time introductory offer. http://join.msn.com/?page=dept/dialup
Current thread:
- generic privellage escalation Ben Greenberg (Jan 02)
- Re: generic privellage escalation Valdis . Kletnieks (Jan 02)