While we're on the topic, I'm wondering what techniques and/or programs would be of use to effectively audit Windows operating systems and services, specifically NT-based? For example, privilege escalation, buffer overflows, format strings within local programs or system services. Other than a few documents on format strings and buffer overflows, there isn't much information to help aid in the auditing of programs specifically of importance to the Windows OS.

Another main question is how exactly are local privileges gained? For example, under Unix only programs that are suid/sgid and vulnerable can sometimes be exploited to gain root. Would there be the same thing or something similar to this under an NT environment? And if so, what? Is there any information that I can be directed to that maybe I'm missing? As well as programs and other criteria of importance.

Also, are there such things as race conditions under Windows? Signal exploitation? Or things under Windows that can be exploited that can't under *nix, or vice versa?

Any light or reference to information on this topic, considering it is broad in scope, would be greatly appreciated.

--
saint
This archive was generated by hypermail 2b30 : Wed Apr 10 2002 - 21:11:46 PDT