RE: Named Pipe Impersonation -> CreateProcessAsUser();

From: noir (noirat_private)
Date: Mon Jul 14 2003 - 14:52:07 PDT

Next message: kathy tuckey: "Does IE object type overflow work only on an Administrator account?"

Previous message: Blue Boar: "Re: Named Pipe Impersonation -> CreateProcessAsUser();"
Maybe in reply to: wirepair: "Named Pipe Impersonation -> CreateProcessAsUser();"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Check Matt Conover's (shokat_private) IIS impersonation exploit,
he comes up with a cool hack for such situations (intrusive though... ;p) 
adding a user in the administrators group and logon as that user to 
create a new admin privileged process.
here it's is:
http://www.w00w00.org/files/iisoop.tgz
(neat sploit, nice work!)

- noir


-----Original Message-----
From: wirepair [mailto:wirepairat_private] 
Sent: Monday, July 14, 2003 12:46 PM
To: vuln-devat_private
Subject: Named Pipe Impersonation -> CreateProcessAsUser();


....

Next message: kathy tuckey: "Does IE object type overflow work only on an Administrator account?"
Previous message: Blue Boar: "Re: Named Pipe Impersonation -> CreateProcessAsUser();"
Maybe in reply to: wirepair: "Named Pipe Impersonation -> CreateProcessAsUser();"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 14 2003 - 14:34:59 PDT