From: Dave Killion (Dkillion@netscreen.com)
Date: Tue Sep 02 2003 - 20:05:53 EDT
What about Remote Desktop Protocol? If you can remote-in under RDP, you
can do almost anything as if you were physically consoled.
I don't think that is part of the 'Server' process - it has it's own
process, which I believe is disabled by default.
I hope this information is helpful,
Dave Killion
Senior Security Engineer
Security Group, NetScreen Technologies, Inc.
-----Original Message-----
From: Lachniet, Mark [mailto:mlachniet@sequoianet.com]
Sent: Tuesday, September 02, 2003 8:24 AM
To: Pen-test@securityfocus.com
Subject: Remotely starting the "server" process on win XP
Hello all,
I was hoping someone could provide an opinion on the following scenario:
Assume that I am pen-testing a Windows XP workstation across the
network. Further assume that it is fully patched, and no known exploits
will work. Lastly, assume that I have gotten the admin password, but am
limited by the amount of fun I can have because the Server process is
not started, nor is IIS or any other obvious means of ingress. Short of
the usual trickery (physical access to the machine, tricking someone,
hacking a user workstation, etc.), can anyone suggest a good way to
remotely start the server process so that I could then continue
pen-testing the box?
Thanks,
Mark Lachniet
------------------------------------------------------------------------
--- FREE Trial! New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL and PROFESSIONAL TL software. Fast, reliable vulnerability assessment technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825 ------------------------------------------------------------------------ ----
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT