Windows 2000 allows everyone to get administrator rights on computer. Read this article
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Win2000 allows everyone to get admin rights on computer
- Thread starter zombiemach
- Start date
Interesting, but definitely not surprising. The stipulation is that the attacker must have physical access to the PC and its floppy drive. Anytime an intruder has "physical" access to your pc, there's nothing you can do about preventing an experienced user from intruding.
One important note is that this vulnerability can not happen over an internet connection.
~cdogg
"The secret to creativity is knowing how to hide your sources."
- A. Einstein
One important note is that this vulnerability can not happen over an internet connection.
~cdogg
"The secret to creativity is knowing how to hide your sources."
- A. Einstein
You don't have to have physical access to the computer, to gain total power of the hard disc.
Everybody being af member of the LocalAdminGroup on his own w2k-client, and is logged on the Domain, has got this power on every other w2k-client logged on the Domain.
Read more about it:
TryWareDk (Programmer) 02/08/03 (posted 02/08/03)
Does Your colleague have total power of Your pc from his own Windows 2000 pc?
Everybody being af member of the LocalAdminGroup on his own w2k-client, and is logged on the Domain, has got this power on every other w2k-client logged on the Domain.
Read more about it:
TryWareDk (Programmer) 02/08/03 (posted 02/08/03)
Does Your colleague have total power of Your pc from his own Windows 2000 pc?
Well according to this article:
CONDITIONS AND TOOLS
The attack is successful at the following conditions:
1. The attacker must have physical access to the target computer;
2. The attacker must be able to read floppy disks on the target computer;
3. The attacker must be able to boot the system on the target computer.
Unless you have a link to a different exploit? ________
Remember, you're unique... just like everyone else.
CONDITIONS AND TOOLS
The attack is successful at the following conditions:
1. The attacker must have physical access to the target computer;
2. The attacker must be able to read floppy disks on the target computer;
3. The attacker must be able to boot the system on the target computer.
Unless you have a link to a different exploit? ________
Remember, you're unique... just like everyone else.
TryWareDk, I think you are confusing the article that zombiemach posted above with another hack. There are ways to take control of Win2K pc's quite easily if you're in the domain. However, not with the hack method listed at that site, which requires access to the floppy drive.
Like jasen said, perhaps you were referring to another "exploit"?? ~cdogg
"The secret to creativity is knowing how to hide your sources."
- A. Einstein
Like jasen said, perhaps you were referring to another "exploit"?? ~cdogg
"The secret to creativity is knowing how to hide your sources."
- A. Einstein
What's sad is that the above article is it's TOO MUCH WORK. Anyone with a clue would just do this:
Boot it, and you're done in 2 minutes and you become the local admin!
Boot it, and you're done in 2 minutes and you become the local admin!
To JASEN and CDOG:
No I am not talking about another hack, when I wrote my reply to ZOMBIEMATH: You don't have to have physical access to the computer, to gain total power of the hard disc.
What I tried to explain is, forget about ZOMBIEMATH way to do it. It isn't nescessary. Maybee You already has got administrator rights on all Your colleguaes workstation, without doing anything. Your IT-sysadm maybee already gave You that right, without knowing it.
To LANDER215:
As I already answered, there is more about it in my post:
Desktop Software Area
Microsoft: Windows 2000 Professional Forum
TryWareDk (Programmer) 02/08/03 (posted 02/08/03)
Does Your colleague have total power of Your pc from his own Windows 2000 pc?
No I am not talking about another hack, when I wrote my reply to ZOMBIEMATH: You don't have to have physical access to the computer, to gain total power of the hard disc.
What I tried to explain is, forget about ZOMBIEMATH way to do it. It isn't nescessary. Maybee You already has got administrator rights on all Your colleguaes workstation, without doing anything. Your IT-sysadm maybee already gave You that right, without knowing it.
To LANDER215:
As I already answered, there is more about it in my post:
Desktop Software Area
Microsoft: Windows 2000 Professional Forum
TryWareDk (Programmer) 02/08/03 (posted 02/08/03)
Does Your colleague have total power of Your pc from his own Windows 2000 pc?
I should have said I found an Internet site that appears to be yours? where I read about it. You keep trying to say, I think, that you have a post here? We're in the W2K Pro forum already, so I don't understand to what exactly you're trying to refer to.
To LANDER215:
I am only referring to my own post on tek-tips.com posted 02/08/03.
About it-sysadmins leaving such a gap!
Don't You know that many it-sysadms leaves "empty" GlobalDomainGroups in every LocalAdminGroup ready to grant a DomainUser membership for a very short time, when it's neaded?
When the it-sysadms does that, they leaves the gap open!
I am only referring to my own post on tek-tips.com posted 02/08/03.
About it-sysadmins leaving such a gap!
Don't You know that many it-sysadms leaves "empty" GlobalDomainGroups in every LocalAdminGroup ready to grant a DomainUser membership for a very short time, when it's neaded?
When the it-sysadms does that, they leaves the gap open!
- Status
Similar threads
- Locked
- Question
- Locked
- Question