Home page logo

bugtraq logo Bugtraq mailing list archives

From: mark () ntshop net (Mark Joseph Edwards)
Date: Thu, 10 Jul 1997 15:44:50 -0500

The hotfix released by MS for getadmin.exe DOES NOT WORK completely. Using
a slightly different tactic, the exploit can still be made to work in most
conditions (e.g. a not-too-heavily-loaded-down NT server).

By running a program that performs some slight manipulation <before>
running getadmin.exe, the exploit can still be run successfully. This was
tested on NT 4.0 w/SP3 and all current hotixes loaded as of July 10, 1997,
and found to work as stated.

This condition was reported to NTSecurity.NET by Constin Raiu, who
requested that we post this message to the relavant lists.

For sample code and sample .exe to test with, go to http://www.ntsecurity.ne
t and look at the GetAdmin page.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]