Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: Windows privilege escalation using Program.exe.

  1. #11

    loved the post bro

    I'm with rhfactor on this one you guys are scolding reedarvin like antionline is paying him to write tutorials or something

    I think the tutorial was worthy of his time and I like the read. Oh and agreed if you want an exploit fix studying it yourself and don't complain why there is no exploitation fix on this.

    also my 2 cents

    and reedarvin keep writing tutorials bro!

  2. #12
    Senior Member
    Join Date
    Sep 2004
    Posts
    117
    well it is a very good post
    cheers
    nice thinking

  3. #13
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    About time someone pointed out you've all been posting to a three month old thread.

    Cheers

  4. #14
    Junior Member
    Join Date
    Nov 2005
    Posts
    2

    Re: Windows privilege escalation using Program.exe.

    Hi reedarvin,

    I´ve read your tutorial. It sounds nice, but it does not work!

    I tried it on a Win2k, SP0.

    It is true, that Windows executes the program.exe (after you ignore the warning), but depending on your user privileges it won´t happen anything.

    As guest, nothing happens. The script is executed but failes because lack of privileges.
    As restricted user, it´s just the same thing.
    As privileged user, only a restricted account is created.
    Only when connecting as admin, the script will add the user to the administrator group.


    Regards,
    Swappy

  5. #15
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Swappy,

    reedarvin, posted this tut ages ago. I'm guessing its been patched?
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  6. #16
    Banned
    Join Date
    May 2003
    Posts
    1,004
    No not patched... the original post makes no indication of being able to do extra things with a given account... he mentions tricking a service started under a more powerful user into running his malicious application. Swappy just tried to run the app himself.

    cheers,

    catch

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •