Penetration Testing: Re: Re: Microsoft RDP Priv. Escalation

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Re: Microsoft RDP Priv. Escalation

From: Yousif () Vapt-Sec com
Date: 9 Apr 2008 02:39:59 -0000

Mark Owen - Say for example you've downloaded an executable on a computer that you have access to. Also, say the 
account you have access to WILL NOT allow you to run THAT executable. With the "alternateshell" option, you COULD run 
that executable. CMD.EXE Was simply an example as it is commonly disabled on typical user accounts. 

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

By Date By Thread

Current thread:

Microsoft RDP Priv. Escalation Yousif (Apr 06)
- Re: Microsoft RDP Priv. Escalation Mark Owen (Apr 08)
- RE: Microsoft RDP Priv. Escalation Thor (Hammer of God) (Apr 08)
- <Possible follow-ups>
- Re: Re: Microsoft RDP Priv. Escalation Yousif (Apr 09)
- Re: RE: Microsoft RDP Priv. Escalation Yousif (Apr 09)
  - Re: RE: Microsoft RDP Priv. Escalation Jarrod Frates (Apr 09)
    - Computer Security Videos Trent Williams (Apr 09)
    - RE: Computer Security Videos Timmothy Lester (Apr 09)
    - Re: Computer Security Videos Dotzero (Apr 09)