Full Version: Iismedia
kidrockers71
is there a file or anyway to secure an iismedia hack?
deztroyer03
yea there is but i got a question how did you exec. the file? since you only got a guest account.
kidrockers71
i dont have a guest account....what do u mean a guest account?
ducky
i think he means you got guest account on the shell of the machine you hacked...

Most of the machines allow guests to exec commands...i didn't have any problems with that
MxMx
QUOTE (deztroyer03 @ Aug 27 2003, 08:13 PM)
yea there is but i got a question how did you exec. the file? since you only got a guest account.

which .exe / prog is it then .. with which prog can i secure my iis media server?

thnx
kidrockers71
it isnt a guest account it is full ax to the hd and i have admin rights all i need to know is how to secure an iismedia server
dRf
hmmm, i hadnt before full admin rights on a wms. how u did it? normal telnet connect on 34816? or with a prog?
kidrockers71
yes normal telnet on that port and when u start ur serv-u u should get admin rights but the only thing is winnt is copywrite protected that is the only drawback of it but u do have admin in serv-u just cant write to winnt
dRf
but not full admin rights or do u can delete anything from c:\winnt\system32\...
spawn543
ok about 90% of the people who cant get admin rights are tryin to exe their stuff in winnt/sys32/.

iis media does not work in the windows/winnt folders..
Try these two places: c:\recycler\ or c:\inetpub or any subdir of those and u should be fine, otherwise move on.

-Btw would some1 please share or redirect me to where that .exe is that secures iis media? thanks.
ducky
spawn543 is right....

i usually make folders like /temp/windowsupdate..something like that...
dRf
yeah i dont take the path in the windir, ...
MxMx
here is the secure patch for windows 2000 servers ..

http://download.microsoft.com/download/c/6...772-x86-ENU.exe

hope you now can secure your servers!
dRf
no, it's a pity ;(
dozolax
yea..it really is too bad
Fareway
if you can't secure a server because of to less prevelege, try an prevelige escalation exploit. most machins aren't patched against it. sorry don't know how to spell previlige...
Cyrus
these old progs like pipeadmin or getadmin are so old that they are fixed by a sp.
Blast3rPL
Is there any privilege escalation tool? I had a lot of shells on Media with access to C:\winnt\ but I haven't got full admin rights eventually :(. It's little furious because usually Media are rehacked! Please write Step by Step tutorial if you know the answer.
Cyrus
There is a tool called getadmin.exe, but it's very old and won't work
QUOTE

GetAdmin.exe is a program written by Konstantin Sobolev. It exploits a subfunction in NtAddAtom that does not check the address of the output. By altering where the output can be written to, GetAdmin adds a user to the Administrators group. It works on NT 4.0.

The easiest way to use it is to simply copy it to \TEMP (along with its DLL, GASYS.DLL) and run it like so: GETADMIN GUEST (or whatever account you wish to add).

This will add Guest to the Administrators group.

GetAdmin will add domain accounts on a primary domain controller and even other domain accounts. Since it is a command line tool, it will work across a telnet session.

There is a post SP3 Hot Fix available from Microsoft that defeats this if loaded.

The Storm
You can install Netcat on port 34816 and connect it with your serv-u or other, then can anybody connect over that port.
Blast3rPL
The Storm - ROFLT

I know how to secure my stro but if I don't secure Media exploit hole anybody would be able to connect to my stro by Media hole and he may delete my files / make my stro's down !

I'm talking about way to secure Media IIS hole not stro !