遇到一个SA注入点,拿到了webshell
注入点可以直接执行命令
开了3389,能连接上
问题是始终加不上用户!
net user命令可以执行
net user test test /add
提示“拒绝访问”!
net user user pass
想更改用户密码或者添加用户的时候
就会提示“拒绝访问”
上传过本地的cmd.exe、net.exe、net1.exe
还试过mt.exe克隆和pspasswd.exe更改密码都无效!
因为执行上述文件都一律提示“拒绝访问”!
开始以为是那个目录没有执行权限
传到everyone完全控制的目录同样提示“拒绝访问”!
cacls.exe更改net.exe和net1.exe等文件的访问权限同样提示“拒绝访问”!
和朋友讨论过了,也是加不上用户!
始终不能登录3389,放马运行也同样提示“拒绝访问”!
Application Experience Lookup Service
Application Layer Gateway Service
Automatic Updates
COM+ Event System
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
Distributed Transaction Coordinator
DNS Client
Error Reporting Service
Event Log
FreeHostCServer
FTP Publishing Service
Help and Support
HTTP SSL
IIS Admin Service
IPSEC Services
Logical Disk Manager
Microsoft Search
MSSQLSERVER
Network Connections
Network Location Awareness (NLA)
NT LM Security Support Provider
Plug and Play
Print Spooler
Protected Storage
Remote Access Connection Manager
Remote Procedure Call (RPC)
Remote Registry
Rising Process Communication Center
Rising RealTime Monitor
Routing and Remote Access
Secondary Logon
Security Accounts Manager
Shell Hardware Detection
Simple Mail Transfer Protocol (SMTP)
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Windows Management Instrumentation
Windows Time
WinHTTP Web Proxy Auto-Discovery Service
Wireless Configuration
Workstation
World Wide Web Publishing Service
引用:
引用第16楼cncxz于2007-05-27 10:15发表的 :
既然net user /add还有更改密码都没有权限,试试
net user administrator /passwordreq:no
这句的意思是"administrator帐号不需要密码",如果可以成功执行的话,3389登陆时administrator的密码就可以留空,直接登陆了,然后进去后再net user administrator /passwordreq:yes恢复就可以了....可以试试...
利用xp_cmdshell扩展执行net user administrator /passwordreq:no
发生系统错误 5。
发表于 2008-7-23 08:34
| 
My Blog:http://www.hackest.cn/ [H.S.T]:http://www.hackm.com/ 
My Blog:http://www.hackest.cn/ [H.S.T]:http://www.hackm.com/ 
My Blog:http://www.hackest.cn/ [H.S.T]:http://www.hackm.com/ 
My Blog:http://www.hackest.cn/ [H.S.T]:http://www.hackm.com/ 