Comments on: Demonstration of Windows XP Privilege Escalation Exploit

By: Acet•∟Yne ™

Acet•∟Yne ™ — Wed, 21 Oct 2009 07:03:09 +0000

There is a much easier way to change passwords of accounts

goto START >> RUN

type:

net users

this shows a list of users

next type:

net user USER *

where user is the user name exactly and dont forget the * afterwards then it should say please type password and then make you confirm it to delete the password simply hit enter without entering a password and again to confirm it

NOTE: this does require admin privliges in the first place but is an easy reset for admin accounts or other user accounts you dont remember the password to or if you are the system admin and need access to the account.

ANOTHER NOTE: as the original intent of this article was not reseting the password but instead a way of gaining SYSTEM account access to run explorer and other windows programs I found this to be a fantastic article. I was simply seeing that the intent of many was to use this for reseting passwords I thought ide show an easier way. Many of you I dont think see the full benifits one gets from being able to run explorer and its dependencies from the SYSTEM account. Many props to the author of this article for the great information

By: Sleek

Sleek — Thu, 08 Oct 2009 13:14:57 +0000

Neat man..thanks

By: Jason

Jason — Tue, 29 Sep 2009 18:54:31 +0000

the at command, by default, is only available for administrators anyway so whats the point? This won’t work on any modern xp system from inside a limited account. This does have it’s uses, but not as practical privilege escalation. Look for the “net use” buffer overflow to get privilege escalation.

By: satish

satish — Fri, 18 Sep 2009 05:55:34 +0000

it worked for me…now i want to disable this command on my machine..how can i do that

By: shane

shane — Sun, 02 Aug 2009 06:56:22 +0000

ask admin to give you privilege…simple.

By: h4x0r.ks

h4x0r.ks — Fri, 24 Jul 2009 09:58:37 +0000

if u are using this only to change admin pwd u can do it with manage (right click of my computer) , at “LOCAL users and groups” -> users -> right click on the user and SET PASSWORD.

By: Mark

Mark — Wed, 15 Jul 2009 22:03:45 +0000

This didn’t work for me. svchost.exe window never opened up. I typed at command again and it said error and listed the job as tomorrow. I typed the command perfectly… tried it 4 times, copied & pasted then changed time. Shows correctly until go time comes then “at” lists at error tomorrow.

By: Mario Chilo

Mario Chilo — Wed, 15 Jul 2009 15:29:10 +0000

And, How I do the same in Windows Vista?

By: -[ Alien FX Fiend ]-

-[ Alien FX Fiend ]- — Fri, 19 Jun 2009 15:42:51 +0000

does anyone know if this exploit will allow you to install a network connection? if so, please email me at total_annihilationx666v@yahoo.com and let me know how

By: ayam

ayam — Thu, 04 Jun 2009 14:26:50 +0000

This hack works well especially if you are the admin user or belong to the admin group, now I can change the administrator’s password using command line tool…I can now amuse myself.