[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: getting administrator rights on win2003 machine?
- To: "valdis.kletnieks@xxxxxx" <valdis.kletnieks@xxxxxx>
- Subject: Re: [Full-Disclosure] Re: getting administrator rights on win2003 machine?
- From: Kenneth Ng <kenneth.d.ng@xxxxxxxxx>
- Date: Thu, 28 Oct 2004 16:29:36 -0400
It gets a bit harder when you have a lot of KVM switches in a big data
center. It gets even harder when the KVM's are IP accessible
throughout the firm because the twits who put it in didn't believe in
IP access lists.
On Thu, 28 Oct 2004 13:22:41 -0400, valdis.kletnieks@xxxxxx
<valdis.kletnieks@xxxxxx> wrote:
> On Thu, 28 Oct 2004 16:49:44 +0200, Honza Vlach said:
> >
> > --9Ek0hoCL9XbhcSqy
> > Content-Type: text/plain; charset=iso-8859-2
> > Content-Disposition: inline
> > Content-Transfer-Encoding: quoted-printable
> >
> > > use knoppix to boot from, mount the ntfs filesystem, and search the net
> > > for
> > > which keys in registry you have to change. there may be other files too
> > > that
> > > you have to change
> > > there even are special bootcd's that are made only for the purpose of
> > > changing
> > > the admin pass etc...
> >
> > I thought that real blackhats don't teach lamers who can't even do their
> > homework properly =^)
>
> The part that nobody's going to tell him:
>
> 1) It's *easy* to whomp a server with a Knoppix boot if you have physical
> access.
>
> 2) It's *HARD* to do so without anybody noticing that the server is down and
> you're sitting there in front of it, typing away as fast as you can. And even
> the most midget-brained user can figure out that if the server is down, and
> you're still typing, and you're *not* the sysadmin, you probably have
> something
> to do with why it's down...
>
> :)
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html