|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 52
Members: 0
Total: 52
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Opinions on gaining rootaccess? |
|
Posted: Tue Mar 24, 2009 10:20 am |
|
|
ThinSmoke |
Advanced user |
|
|
Joined: Nov 15, 2008 |
Posts: 55 |
|
|
|
|
|
|
|
Hey,
so i have that box i need to get access to, got his IP which took me a while to get him into a trap <_<
Then i started to do a portscan which brought me some things, he runs windows server 2008 enterprise, he has rdp enabled, runs SMTP service, has the windows ftp sevrer running and runs a webserver IIS7.
Rdp bruteforce doesnt apply because iam not aware of any win2k8 server bruteforce tool, tried some usual passes though(4 Users and all of them have passwords).
SMTP service falls away because i dont think there are any major exploits which would help me.
IIS is v7 and theres no public exploit, atleast not that i know of,defaced it already but its a simple html website so yea...
So yea iam basically stuck, what would you suggest me except trying to make him dl a trojan or so? |
|
|
|
|
|
|
|
|
Posted: Mon Mar 30, 2009 6:34 pm |
|
|
oblivi0n |
Beginner |
|
|
Joined: Mar 19, 2009 |
Posts: 2 |
|
|
|
|
|
|
|
since he has a web server, check the pages that are there or for any cms...
check who is the provider of the server, hosting etc!
if you spend some more time and gather all the info that you can find, and not just ports and OS versions im sure that you will be able to do smth!
have in mind that this actions are illegal! |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|