Jump to content

Recommended Posts

Posted

looks cool man thanks for the link

i will check it out :)

EDIT

DUDE FUCK ME! thats well goood!!!

thanks so much for the link...damn windows pcs :P

Posted

admin...why?

it should work on nearly ANY xp machine. i think that tut should be copied here with a link to the orginal, and this thread or the new thread should be sticky'd

what you say cooper?

Posted

We'd need some interest for this thread first.

This thing does have big potential. I mean, hack an XP box remotely so you get a shell. Download some shitty server proggy that will do your bidding, and use the 'at' command to schedule it's starting in the next minute.

BOOM! Instant god-mode in XP.

If this truly is that simple (i.e. try it as guest first. Then we'll talk) this is a huge snafu for Microsoft. But don't worry, Trusted Computing is still on track. ;)

Posted

i will test tomorrow unless someone will test now? and post screenshots and things like i have a tip for it.

DONT cloe the cmd your account opens, cos then you can kill the explorer the system account makes :P and then reopen YOUR explorer in your cmd window

Posted

tried it as a guest account and with a default setup Guest does not have access to the "at" command now a default setup nor does it work with a limited user account with defautl setup on an XP Pro machine. :lol:

Posted

Yeah I already explained that it doesn't work as guest or normal user accounts. As admin your golden, but it still gives you access to kernel so it's still highly useful as admin.

We might have to find some other ways of escalation to at least admin, then this would rock.

Posted

There's also been some mention of MSOOBE.exe being able to escalate priv's. I think if you run msoobe.exe with an Alternate data stream you might be able to escalate there too.

Posted

I'd be interested to know if this works. I know that the "at xx:yy /interactive ...." trick doesn't work on a fully patched XP Pro SP2 when logged on with limited rights.

There *must* be a way of doing it, it just hasn't been found yet! I know that access to files can be obtained using Knoppix, BartsPE etc., but that seems like cheating.

Posted

Yeah, it's not as fun when you have a boot disk to pop in when your compromising at Best Buy ... err...

The best thing is even as Guest that you can escalate priv's... with some a simple command line hack.

Posted
The best thing is even as Guest that you can escalate priv's... with some a simple command line hack.

I thought that was how this thread started and the technique presented has been kicked into touch for a fully patched XP Pro SP2. Use of MSOOBE.exe sounds interesting.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...