Full Version: Nt Accounts
Master00
My question is: if I have the admin account, regardless of whether the server has Terminal Services enabled or not, how can I get access remotely with that account so that it opens a shell or graphical interface or something...? Thanks in advance :)
Kos
psexec.exe
krackatoa
Depends on what ports are open.

What ports are open?
Master00
But with psexec.exe, must the server have shares or something? Because I got the admin account and I type -> psexec \\XXX.XXX.XXX.XXX -u lalala -p lalala cmd , and it says Windows can't connect to that network path... And I can't launch an interactive shell :(


edit:

krackatoa, why does it depend on what ports are open?
CraZy_A
QUOTE (Kos @ Sep 12 2003, 01:22 AM)
psexec.exe

Hmm, OMG, I forgot this option...
but... 1) you can use it on all servers kinda half of them
2) I tried it with iis and iismedia (same IUSR privs) and you can't copy the SAM file and you can't use pwdump to dump the hashes...
wh173r
I'm not really sure what you're talking about, but... if you have the admin pass and all that, connect with DOS with...

net use x: \\XXX.XXX.XXX.XXX\c$ /user:user

and if you got xp...

net use x: \\xxx.xxx.xxx.xxx\c$

It'll then ask you for the user/pass; when you type in the pass IT WON'T SHOW YOU IT, but it is still being typed.

then psexec is...

psexec \\XXX.XXX.XXX.XXX c:\dir\to\your\file.exe


Hopefully this helps... hmm, I want to be a Commander in Chief too :D
ThrillKill
You have an NT admin account; just use a program called Dameware. It gives you a GUI interface and a lot of options to play with. Search the board; I am sure there is more info on the program.
krackatoa
Ports are part of sockets. IP+port=socket

It's the basics of tcp-ip.

Computers use sockets to pass information. So when you say use "net use x: \\XXX.XXX.XXX.XXX\c$ /user:user", the NetBIOS ports have to be open in order for this to work.

Ports 137, 138, 139, or you can get through on port 445 using SMB over TCP/IP.

If these ports are filtered then "net use" type commands fail.

Psexec uses NetBIOS so it won't work if NetBIOS is filtered.

You need to port scan the target to see what ports (aka services) are available that you can attack...

Is LDAP open? Etc., etc...
KoNh
Hmm, not sure I understood your question here but will try to be of some help.
If you have the admin user/pass then you can use a tool such as Dameware utilities, it is true, but with a graphical interface, if the admin is in front of his computer (guess who saw that ;)) he will see everything you do. If I was in your situation I'd do the following:

First connect with Dameware with the admin account, then open an MS-DOS console, then create a user (with admin rights) using the appropriate net commands, then do your things that way. If by any luck Terminal Services is installed then you could use the computer remotely as if it was really yours; even the system administrator can't see it.

But be careful, there are possibilities to see who's connected and opened a session, so that tracing you would be very easy... hmm, who says double remote??

Hope it helps a bit ^^
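
Added example, not part of the original thread: the last post's remark that open sessions can be seen and traced, shown from the server owner's side. It correlates Windows event records for the activity discussed above (a network logon, the PsExec service being installed, a new account placed in Administrators). Assumptions: the event IDs are those used by current Windows versions, PSEXESVC is PsExec's default service name, and the record layout, account names and addresses are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample records with simplified fields (not a real log export).
EVENTS = [
    {"t": "2024-05-01T10:00:02", "id": 4624, "user": "svc_backup",
     "logon_type": 3, "src": "10.0.0.50"},            # network logon
    {"t": "2024-05-01T10:00:05", "id": 7045, "service": "PSEXESVC"},
    {"t": "2024-05-01T10:03:10", "id": 4720, "target": "helpdesk2",
     "actor": "svc_backup"},                          # account created
    {"t": "2024-05-01T10:03:12", "id": 4732, "target": "helpdesk2",
     "group": "Administrators", "actor": "svc_backup"},
    {"t": "2024-05-01T14:00:00", "id": 4624, "user": "alice",
     "logon_type": 2, "src": "-"},                    # console logon
    {"t": "2024-05-01T15:00:00", "id": 7045, "service": "SampleUpdater"},
]

def find_remote_admin_activity(events, window=timedelta(minutes=5)):
    """Return (finding, who, detail) tuples in time order."""
    findings = []
    last_net_logon = None   # (time, user, source) of latest type-3 logon
    created = {}            # new account name -> creation time
    for ev in sorted(events, key=lambda e: e["t"]):
        ts = datetime.fromisoformat(ev["t"])
        if ev["id"] == 4624 and ev.get("logon_type") == 3:
            last_net_logon = (ts, ev["user"], ev["src"])
        elif ev["id"] == 7045 and ev["service"].upper() == "PSEXESVC":
            if last_net_logon and ts - last_net_logon[0] <= window:
                findings.append(("psexec_after_network_logon",
                                 last_net_logon[1], last_net_logon[2]))
            else:
                findings.append(("psexec_service_install", None, None))
        elif ev["id"] == 4720:
            created[ev["target"]] = ts
        elif ev["id"] == 4732 and ev["group"] == "Administrators":
            born = created.get(ev["target"])
            if born is not None and ts - born <= window:
                findings.append(("new_account_made_admin",
                                 ev["actor"], ev["target"]))
    return findings

if __name__ == "__main__":
    for finding in find_remote_admin_activity(EVENTS):
        print(finding)
```

The service-name match covers only the default name, so the timing between a network logon and any unexpected service install is worth reviewing as well.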