|
Penetration Testing
mailing list archives
Re: [PEN-TEST] Expand right under Win2K
From: Tamas Foldi <geza () KAPU HU>
Date: Wed, 10 Jan 2001 20:26:45 +0100
Hi
Thank You for the files and advice however nothing worked.
1. the SAM file cannot be read on the target (access denied) with the
rights gained through unicode
2. backdoors are not a choice, since they run with the rights of the above
mentioned unicode
3. HK doesn't work under win2k (it produced permission denied message)
win2k never has been vulnarable to spoofed LPC port requests
4. autorun.inf didn't execute on mapping the directory (maybe some trick
is needed)
5. AT command returns access denied
to Dave:
it is interesting what you wrote, but i would like to ask You to go into
details about the All_users startup
You could do this with a "Shell Folder" vulnerability, and others...
Could you tell more info about this bug?
2) Brute force attack against accounts with local Administrator
privilege.
Does anyone knows any password brute forcer that works without accessing
the SAM file?
We are still eager to hear further ideas on this issue since nothing that
we tried worked yet.
. .. _ _________________________________________________________ _ .. .
Foldi Tamas - We Are The Hashmar In The Rootshell - Security Consultant
crow () linuxfreak com / crow () kapu hu / (+36 30) 221-74-77
 By Date 
By Thread
Current thread:
- Re: [PEN-TEST] Expand right under Win2K, (continued)
Re: [PEN-TEST] Expand right under Win2K Edwards, David (JTD) (Jan 09)
| 
Intro
