Alex writes:
I just read through the latest SANS bug list and look what I found:
In the past few weeks, a vulnerability known as ‘debploit’ has been talked about. The premise is that local users can use the debugging API to gain access to duplicate a process handle, which then can be used to gain system privileges. This affects Windows NT and 2000.
This vulnerability is not confirmed in any official form. A demonstration exploit is available.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-03/0358.html
In short, the thing goes like this:
1) Download the exploit
2) Log in with any account at all (for example GUEST) on a Windows NT/2k computer.
3) Run the exploit like this:
erunasx cmd
cmd will start, if I'm not mistaken, with SYSTEM account privileges.
4) In the new command prompt, type, for example, this command:
net user LIETOTAJS PAROLE /add
and a new user “LIETOTAJS” with the password “PAROLE” has been created 😉
Have a successful day
Alex
Hm. As far as I understood, you can't do anything over the network there 😉
Basically the program works almost like a trojan, only with the ability to get administrator 😉
The bug is as old as NT itself…
1. Open Notepad
2. Type cmd in it
3. Save it as cmd.bat
4. Start the file
The main thing is that the FileName is the same as the file's contents; you'll see the result yourselves (only Win2K)
After a while the PC may hang because RAM fills up…
2 Marix: you could just as well take a 9mm pistol and put a couple of bullets into the case, then watch whether it hangs or not. Same idea.
MariX, you forgot to add the conclusion at the end – Linux rullzzzz. You clown!
Sarky: That LinuX rullzzz doesn't even need to be written, it's clear to everyone anyway 🙂
MariX, but there is a difference in why one arrives at such a conclusion 🙂
Sarky, because of WinSuX 🙂
Dunno, it didn't work for me… I downloaded DebPloit.zip, well.. and? Damn, that erunasx won't run.. how exactly do you launch it? Via start> run?