Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Microsoft RDP Priv. Escalation

from [Memet Anwar] Network Security [Permanent Link]
Subject: Re: Microsoft RDP Priv. Escalation
Date: Thu, 10 Apr 2008 02:36:03 +0700 
Yousif@Vapt-Sec.com wrote:

.RDP connection file. The cmd.exe thing is simply an example. Other
applications that wouldn't normally execute can be executed with this
as well. The escalation is the ability to run applications you
shouldn't be able to with such an account. It's under the privileges
of the user, but the idea is, those privileges don't allow you to
execute certain programs. Through that, you can.


As Thor said, "Exactly how were they disabled?", how the admin configure
the system to block access to cmd.exe? By configuring an RDP file to use
a specific shell?

If the admin said he's *actually trying* to block user's access to
cmd.exe (or whatever file you can access), then whatever he's using now
is not effective. The bug then is in the admin way of thinking, not on RDP.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: RE: Microsoft RDP Priv. Escalation, Thor (Hammer of God)
Next by Date:  Pen testing techniques, Atif Azim
Previous by Thread:  RE: RE: Microsoft RDP Priv. Escalation, Thor (Hammer of God)
Next by Thread:  Re: Re: Microsoft RDP Priv. Escalation, Yousif
Indexes:  [Date] [Thread] [Top] [All Lists]