From: Lachniet, Mark (mlachniet@sequoianet.com)
Date: Tue Sep 02 2003 - 11:23:34 EDT
Hello all,
I was hoping someone could provide an opinion on the following scenario:
Assume that I am pen-testing a Windows XP workstation across the network. Further assume that it is fully patched, and no known exploits will work. Lastly, assume that I have gotten the admin password, but am limited by the amount of fun I can have because the Server process is not started, nor is IIS or any other obvious means of ingress. Short of the usual trickery (physical access to the machine, tricking someone, hacking a user workstation, etc.), can anyone suggest a good way to remotely start the server process so that I could then continue pen-testing the box?
Thanks,
Mark Lachniet
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT