Re: remote privilege escalation

From: Dave Aitel (dave@immunitysec.com)
Date: Wed Jan 08 2003 - 22:09:58 EST


Also fun is using MSADC, since its enabled by default for localhost...
-dave

On Wed, 8 Jan 2003 15:11:16 -0800 (PST)
Javier Liendo <javier@liendo.net> wrote:

> hello
>
> have you tried
>
> http://www.digitaloffense.net/archives/iissystem/
>
> regards
>
> javir
>
> --- Jeremy Bartels <Jeremy.Bartels@allsecure-it.com>
> wrote:
> > Hi All,
> >
> > Can someone please tell me how I go about escalating
> > my privileges to SYSTEM
> > remotely on a windows 2000 Server SP1 'out of the
> > box' installation.
> >
> > I can do it when I am sitting in front of the PC
> > with ERunAs2X.exe
> > if I try to use ErunAs2X remotely with: ERunAs2X.exe
> > "nc.exe -l -p
> > 50000 -d -e cmd.exe"
> > I get the error:
> >
> > The application failed to initialize properly
> > (0xc0000142). Click on OK to
> > terminate the application.
> >
> > the title bar of the windows says: cmd.exe -
> > Application error
> >
> > does anyone have any ideas?
> >
> > Cheers
> >
> > Jeremy
> >
> >
> >
> >
> ---------------------------------------------------------------------
> -------
> > This list is provided by the SecurityFocus Security
> > Intelligence Alert (SIA)
> > Service. For more information on SecurityFocus' SIA
> > service which
> > automatically alerts you to the latest security
> > vulnerabilities please see:
> > https://alerts.securityfocus.com/
> >
>
>
> ---------------------------------------------------------------------
> ------- This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA) Service. For more information on
> SecurityFocus' SIA service which automatically alerts you to the
> latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:26 EDT