Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
From: Steve Shockley <steve.shockley () shockley net>
Date: Tue, 05 Dec 2006 14:55:51 -0500

eugeny gladkih wrote:
"MS" == Michael Scheidell <scheidell () secnap net> writes:
 >> 1. kill shstart.exe process

 MS> Wouldn't you have to be administrator to kill shstart.exe?

LocalSystem account has more privilegies then administrator's one.

If you've already got Administrator, you can just run

at <time> /interactive "cmd.exe"

and get a shell as SYSTEM.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]