Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Tool - RunAsUser v0.5 released

from [inode] Network Security [Permanent Link]
Subject: Tool - RunAsUser v0.5 released
Date: Thu, 14 Feb 2008 21:42:10 +0100
What is RunAsUser?
----------------------------------------------------------
RunAsUser is able to run a command as another user. You need the local administrator privileges and the user must have a running process on the system.

How does it work?
----------------------------------------------------------
RunAsUser uses dll injection techniques to gain SYSTEM privileges. With SYSTEM privileges the dll is able to open the target process, duplicate the access token and run a program with the user privileges.

What I can do with RunAsUser?
----------------------------------------------------------
RunAsUser can be used in a lot of situations, the most interesting usage is the privilege escalation that can be done on a Microsoft domain. If the user has local administrator rights and a domain admin is logged on the system you can get domain administrator privileges.

Command line arguments
----------------------------------------------------------
-p <pid>
Pid of the target process
-c <command>
Command to be executed with user privileges
-s <session ID> Target session ID
Session where the new process is spawned. To get your current session id run taskmgr.exe, go to "View" -> "Select columns" and select "Session ID" and search one of your current processes.
-l <lsass pid> (optional)
RunAsUser looks for the lsass.exe process. If this process fails, try using this option specifying the lsass pid.


You can download source and binary at:
http://lab.mediaservice.net/code.php#runasuser

inode

--
Agazzini Maurizio                    @ Mediaservice.net S.R.L.
0xF574450C - 09C5 E9A5 E481 D70A 708E DC3B 690D 1A36 F574 450C

"C programmers never die. They are just cast into void."

http://mediaservice.net/disclaimer

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Tool - RunAsUser v0.5 released, inode <=
Previous by Date:  Re: Security/Pen-testing Courses?, Tiago Rosado
Next by Date:  Re: Suspecious JPEG Files, Jamie Riden
Previous by Thread:  cracking sniffed hashs issue, Juan B
Next by Thread:  Certified Security Analyst / LPT - LIVE Class, leonard
Indexes:  [Date] [Thread] [Top] [All Lists]