Re: Antivirus advice (on freebies)
- From: bcoombes <bcoombes@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 14 Jan 2009 22:52:22 +0000
Synapse Syndrome wrote:
> bcoombes <bcoombes@xxxxxxxxxxxxxxxxxx> wrote:
>>> Once you've gone through all of this you would probably come to the
>>> conclusion that once you have root/admin rights you can do pretty
>>> much the equivalent in Linux or Vista
>> Naturally. Although in Vista I'm not sure there is any way to be an
>> actual user with System rights - Administrator is nowhere near the
>> same thing, just try killing off system processes when you're logged
>> in as one.
> Huh? Right click on the process in task manager and choose
> "End Process Tree". Always works for me (As a user with admin privs).
> You can do it on remote boxes with
> "taskkill.exe /S SYSTEM /U USERNAME /P PASSWORD /IM PROCESS"
> To enable the built-in master administrator account open a command
> window with administrator privileges and use the command "net user
> administrator /active:yes"
> You can actually log in as SYSTEM, if you really wanted to. I remember reading about it, but I did not try it out.
You certainly could once, after you already had had access to the machine.
There was also this Vista Ultimate privilege escalation hack involving the ease of access magnify.exe file (irony meters go off the scale here) :) I think this must now have been patched. You obviously need access to either your own or a *cough* test computer as a_user/admin. As I said, I think it has been closed now (not sure, may try it later if I can be bothered) :)
1) Open System32 folder of your windows.
2) Copy Cmd.exe, Magnify.exe and paste it in two different locations, for
safety purpose.
3) Rename the cmd.exe to Magnify.exe on the backup location.
4) Copy & paste the renamed cmd.exe to system32 folder, this asks for
replacing the Magnify.exe, just continue with replacing.
5) Now restart the system.
6) After restarting the system, the login screen will come, now select the
utility manager, which is at the bottom left of the screen.
7) Now check the Magnify check box, to open the Magnify.exe, but now this
will open the cmd.exe.
8) In the command prompt, just type the explorer.exe, this will open the
explorer.exe, and desktop, without logging in to the system. The user account
provided for login is the system account, so you can do anything with the
system.
You can also play with the windows registry, services, user account change,
and deletion of user accounts, anything you want.
I don't spend much of my time looking or caring about exploits but whenever I use any M$ OS computer I am kind of left with the (probably irrational) feeling that the really l33t could do pretty much what they like with it once they had physical access to it. Many corporate boxes still have a bootable a drive, unbelievably. Anyway, regardless of whether my computer is running nix or windoze I make sure any important files are encrypted.
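A defensive check for the binary swap described in the message above, as an added example that is not part of the original post: it hashes every .exe in a System32 directory (live, or from a mounted disk image) and reports any logon-screen accessibility program whose content is identical to another executable. The accessibility names other than Magnify.exe, the function names, and the sample files are assumptions of this example.

```python
import hashlib
import tempfile
from pathlib import Path

# Programs launchable from the logon screen before anyone signs in.
# Magnify.exe is the one named in the post; the rest are an assumption
# of this example to cover the same class of swap.
ACCESSIBILITY = {"magnify.exe", "utilman.exe", "sethc.exe", "osk.exe",
                 "narrator.exe", "displayswitch.exe"}


def sha256(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def find_swapped(system32: Path) -> dict[str, list[str]]:
    """Map each accessibility binary to executables with identical content."""
    by_hash: dict[str, list[str]] = {}
    for p in system32.iterdir():
        if p.is_file() and p.suffix.lower() == ".exe":
            by_hash.setdefault(sha256(p), []).append(p.name)
    findings: dict[str, list[str]] = {}
    for names in by_hash.values():
        for name in names:
            # Case-insensitive match: NTFS images mounted elsewhere keep mixed case.
            if name.lower() in ACCESSIBILITY and len(names) > 1:
                findings[name] = sorted(n for n in names if n != name)
    return findings


def demo(swapped: bool = True) -> dict[str, list[str]]:
    """Run the check on a constructed directory (not real Windows binaries)."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "cmd.exe").write_bytes(b"MZ constructed shell image")
        magnify = b"MZ constructed shell image" if swapped else b"MZ constructed magnifier"
        (root / "Magnify.exe").write_bytes(magnify)
        (root / "osk.exe").write_bytes(b"MZ constructed keyboard image")
        return find_swapped(root)


if __name__ == "__main__":
    print(demo())        # swapped copy present
    print(demo(False))   # clean directory
```

Point `find_swapped` at the System32 directory of a live host or of a mounted disk image; a non-empty result means a logon-screen helper is byte-identical to another program and should be restored from known-good media.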