Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Accessing registry through command line
From: Penetration Testing <pentest () infosecure com au>
Date: Mon, 8 Oct 2001 15:21:08 -0800 (GMT+8)

On Thu, 4 Oct 2001, Esmerelda Fruitenschlein wrote:

I have remote execution of code through a unicode vulnerability on an IIS 
box.  I need to know if there is a way to get registry keys using only 
command line tools that are on a default NT install.  (No file upload, not 
even using echo >, etc.)  Perhaps something using rundll or somesuch thing?


As the other responses have mentioned, regedit can be used to dump all or
portions of the registry.  I haven't had any luck using it to make changes
to the registry, as it pops up a confirmation dialog to the console about
the proposed changes.  I don't know of any way of controlling windowing
apps from the command line.

I found a tool (via google) called simply "reg.exe" that does command line
reg edits without requiring console confirmation.  This has worked for me
in the past.

I doubt that you would be able to interface to rundll without having the
facility of loading _some_ code onto the box.

Regards,
Dave Taylor



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault