Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Windows Administrator access

from [Travis Potter] Network Security [Permanent Link]
Subject: RE: Windows Administrator access
Date: Sat, 25 Feb 2006 12:14:00 -0700 
I'm not sure if I understand but if all you want to do is prove you're an
admin just create a file in the system 32 dir. If you want to prove that you
have the administrator password just use the run as command:

runas /user:localmachinename\administrator cmd  When prompted, type the
administrator password. 
 
Or use the "net" series of commands ie: net user will enumerate all the
local users; or the net accounts command will give you some good info!! 

Does this help?

-----Original Message-----
From: Dillama [mailto:dillama@gmail.com] 
Sent: Saturday, February 25, 2006 2:17 AM
To: pen-test@securityfocus.com
Subject: Windows Administrator access

After gaining shell access to a Windows box, is there any way to show
administrator privilege without changing the config or uploading new files?

I have to demo the ability to gain administrator access to a Win 2000 box,
the catch is no changes on the box so adding a user or loading whoami.exe
from resource kit would not be options. Any suggestion here would be
appreciated.

Thanks

---
Dillama

----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities to SQL injection, Cross site scripting and other web attacks
before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Snarf files from a sniff dump, 4secure
Next by Date:  Re: Windows Administrator access, shiri_yacov
Previous by Thread:  Re: Windows Administrator access, Thor (Hammer of God)
Next by Thread:  Re: Windows Administrator access, Martin Mačok
Indexes:  [Date] [Thread] [Top] [All Lists]