[prev in list] [next in list] [prev in thread] [next in thread]
List: vuln-dev
Subject: RE: Named Pipe Impersonation -> CreateProcessAsUser();
From: noir <noir () gsu ! linux ! org ! tr>
Date: 2003-07-14 21:52:07
[Download RAW message or body]
Check Matt Conover's (shok@dataforce.net) IIS impersonation exploit,
he comes up with a cool hack for such situations (intrusive though... ;p)
adding a user in the administrators group and logon as that user to
create a new admin privileged process.
here it's is:
http://www.w00w00.org/files/iisoop.tgz
(neat sploit, nice work!)
- noir
-----Original Message-----
From: wirepair [mailto:wirepair@roguemail.net]
Sent: Monday, July 14, 2003 12:46 PM
To: vuln-dev@securityfocus.com
Subject: Named Pipe Impersonation -> CreateProcessAsUser();
....
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic