WinNT/2k exploits

Alex writes:

I just read the latest SANS bug list and look what I found:
In the past few weeks, a vulnerability known as ‘debploit’ has been talked about. The premise is that local users can use the debugging API to gain access to duplicate a process handle, which then can be used to gain system privileges. This affects Windows NT and 2000.

This vulnerability is not confirmed in any official form. A demonstration exploit is available.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-03/0358.html

In short, the thing goes like this:
1) Download the exploit
2) Log in with any account at all (for example GUEST) on a Windows NT/2k computer.
3) Run the exploit like this:
erunasx cmd
cmd starts, if I'm not mistaken, with the privileges of the SYSTEM account.
4) In the new command prompt, type, for example, this command:
net user LIETOTAJS PAROLE /add
and a new user “LIETOTAJS” with the password “PAROLE” has been created 😉

Have a successful day
Alex
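
A defender's view of steps 3 and 4, as an added example that is not part of the original post: Python code that scans process-creation records for a command shell running as SYSTEM and for a `net user ... /add` issued from it. The record fields, host name, PIDs and rule names are assumptions constructed for illustration, not a real Windows log format.

```python
import re

# Constructed process-creation records in time order (illustrative fields,
# not a real Windows log format; host name, PIDs and users are made up).
SYSTEM = "NT AUTHORITY\\SYSTEM"
EVENTS = [
    {"pid": 212, "ppid": 180, "user": "HOST\\Guest", "image": "explorer.exe", "cmdline": "explorer.exe"},
    {"pid": 640, "ppid": 212, "user": "HOST\\Guest", "image": "cmd.exe", "cmdline": "cmd"},
    {"pid": 700, "ppid": 640, "user": "HOST\\Guest", "image": "net.exe", "cmdline": "net user"},
    {"pid": 812, "ppid": 164, "user": SYSTEM, "image": "cmd.exe", "cmdline": "cmd"},
    {"pid": 904, "ppid": 812, "user": SYSTEM, "image": "net.exe",
     "cmdline": "net user LIETOTAJS PAROLE /add"},
]

# "net user <name> [password] /add", also matching net1 and a .exe suffix.
ADD_USER = re.compile(r"\bnet1?(?:\.exe)?\s+user\s+(\S+).*\s/add\b", re.IGNORECASE)


def is_system(user):
    """True when the account part of DOMAIN\\account is SYSTEM."""
    return user.split("\\")[-1].upper() == "SYSTEM"


def detect(events):
    """Return (rule, pid, new_account) tuples worth an analyst's review."""
    system_shells = set()
    findings = []
    for ev in events:
        if not is_system(ev["user"]):
            continue
        # Rule 1: a command shell running as SYSTEM. Services and scheduled
        # jobs can do this legitimately, so it is a lead, not a verdict.
        if ev["image"].lower() == "cmd.exe":
            system_shells.add(ev["pid"])
            findings.append(("system-shell", ev["pid"], None))
        # Rule 2: an account created by a child of such a shell.
        match = ADD_USER.search(ev["cmdline"])
        if match and ev["ppid"] in system_shells:
            findings.append(("account-added-from-system-shell", ev["pid"], match.group(1)))
    return findings


if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```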

10 thoughts on “WinNT/2k exploits”

  1. MariX

    1. Open Notepad
    2. Type cmd in it
    3. Save it as cmd.bat
    4. Run the file

    The main thing is that the FileName is the same as the file's contents; you'll see the result yourselves (only Win2K)
    After a while the PC may hang because the RAM fills up…
