Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: user logon script context....

from [Steveb] Network Security [Permanent Link]
Subject: RE: user logon script context....
Date: Thu, 9 Mar 2006 10:36:26 -0500 
Look into CPAU.  That program will let you run login scripts in the
context of whoever you want.  We use it here quite a bit.

Steve Bostedor
http://www.vncscan.com 

-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov] 
Sent: Thursday, March 09, 2006 7:12 AM
To: Murad Talukdar; focus-ms@securityfocus.com
Subject: RE: user logon script context....

Murad,

It is not possible to run logon scripts under a different context.  You
might be able to change the context in the script with runas, but this
will require using a password in a script.  

You might want to look at using computer startup scripts.  These will
run in the context of local system; however, you will not be able to
know what user will be on the system.  

Denny


-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@subway.com]
Sent: Thursday, March 09, 2006 1:35 AM
To: 'Murad Talukdar'; focus-ms@securityfocus.com
Subject: RE: user logon script context....

Okay a further google showed me the answer--but some clarification would
be great-can logon scripts be set to run under a chosen context?

Ie, if I don't want it to run under either SYSTEM or localadmin, can
this be done? (I get the feeling this could be no).

Regards
Murad Talukdar

-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@subway.com]
Sent: Thursday, March 09, 2006 4:31 PM
To: 'focus-ms@securityfocus.com'
Subject: user logon script context....

Hi guys,
Can anyone point me to a paper detailing what security context a User
logon script runs under?

I want to know what kind of permissions a script(well, I understand that
it doesn't have permissions itself but runs AT a certain level of
access) has when that user logs one.

For instance, if the user is just a restricted user locally, should I be
able to call a .exe in the script which loads and writes to the c drive?
All
this to be done through a GPO.

Kind Regards
Murad Talukdar


 



------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


------------------------------------------------------------------------
---
------------------------------------------------------------------------
---



---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: user logon script context...., Dubber, Drew B
Next by Date:  FW: user logon script context...., Murad Talukdar
Previous by Thread:  Re: user logon script context...., todd
Next by Thread:  FW: user logon script context...., Murad Talukdar
Indexes:  [Date] [Thread] [Top] [All Lists]