From: miguel.dilaj@pharma.novartis.com
Date: Wed Sep 03 2003 - 01:33:32 EDT
Hi Mark,
You don't specify if you've NetBIOS access, so this is just a hint of
something that comes to mind (untested in XP).
Have you tried sc.exe (Service Controller) from a Resource Kit, or psexec
from Wininternals?
Cheers,
Miguel
"Lachniet, Mark" <mlachniet@sequoianet.com>
02/09/2003 16:23
To: <Pen-test@securityfocus.com>
cc:
Subject: Remotely starting the "server" process on win XP
Category:
Hello all,
I was hoping someone could provide an opinion on the following scenario:
Assume that I am pen-testing a Windows XP workstation across the network.
Further assume that it is fully patched, and no known exploits will work.
Lastly, assume that I have gotten the admin password, but am limited by
the amount of fun I can have because the Server process is not started,
nor is IIS or any other obvious means of ingress. Short of the usual
trickery (physical access to the machine, tricking someone, hacking a user
workstation, etc.), can anyone suggest a good way to remotely start the
server process so that I could then continue pen-testing the box?
Thanks,
Mark Lachniet
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT