everyting that is possible from the graphical swhell is possible from the command prompt using the proper utilities, what exactly is it that you wish to do(or more properly: "Where do you want to go today" :)? as a side, it occurs to me to ask the following of this group: what level of pentration do you perform in an average test? do you penetrate completely? use this to leverage access across a network? what "trophy" do you use to prove access? How do you spell out your level of penetration to your customers? do they understand the difference between "vulnerability assesment" and penetration analysis? just curious how everyone else chooses to do this.... Signed, Ryan Permeh eEye Digital Security Team http://www.eEye.com/Retina -Network Security Scanner http://www.eEye.com/Iris -Network Traffic Analyzer ----- Original Message ----- From: "Matt Andreko" <mandrekoat_private> To: <pen-testat_private> Sent: Friday, July 06, 2001 6:53 AM Subject: win2k pentest - what can i do? > I normally do not do pen tests on the win2k operating system. However I am > doing one at the moment. I have successfully got Administrator privelages, > but only at a pseudo-dos-prompt... Is there anything i can do to get > graphical abillities, since windows is basically useless without just > graphics. I have used the "net user" command to create a new user, and > added it to the Administrators group, but I do not have physical access to > this machine. > > Any help would be appreciated. > > -- > Matt Andreko > On-Ramp Indiana > (317)774-2100 > > > -------------------------------------------------------------------------- ------------ > > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service > For more information on SecurityFocus' SIA service which automatically alerts you to > the latest security vulnerabilities please see: > > https://alerts.securityfocus.com/ > > -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Jul 06 2001 - 13:18:23 PDT