|
Penetration Testing
mailing list archives
Re: win2k pentest - what can i do?
From: Mike DeGraw-Bertsch <mbertsch () oreilly com>
Date: Fri, 6 Jul 2001 11:59:55 -0400 (EDT)
I'd just change the "Administrator" password--I haven't tried this, but I
believe the command is "cusrmgr -u Administrator -P <newpassword>".
Alternately, you can change a user's permissions (or add them to the
Local/Domain Administrator group). "ntrights" changes user permissions.
Both tactics require, unfortunately, the Win2k resource kit.
-Mike
On Fri, 6 Jul 2001, Matt Andreko wrote:
I normally do not do pen tests on the win2k operating system. However I am
doing one at the moment. I have successfully got Administrator privelages,
but only at a pseudo-dos-prompt... Is there anything i can do to get
graphical abillities, since windows is basically useless without just
graphics. I have used the "net user" command to create a new user, and
added it to the Administrators group, but I do not have physical access to
this machine.
Any help would be appreciated.
--
Matt Andreko
On-Ramp Indiana
(317)774-2100
--------------------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
--------------------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
| 
Intro
