|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
generic privellage escalation
From: Ben Greenberg (benfallout2
hotmail.com)
Date: Wed Dec 31 2003 - 17:00:06 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Are there any papers out there that detail a generic method for privellage
escalation. specifically the following situations are ones in which id like
to know a method for always escalating privellages; when i do security
audits i always want to show the full extent of the vulnerability:
specifically
-----
-ability to execute commands one at a time statelessly through the url, and
with a response to the browser ESCALATE TO a netcat created port for
connecting to a shell
-also is there any document with generically applicable php, asp, server
side include command execution/privellage escalation?
thanks--if anyone could point me to anything like this it would make things
a lot easier for me.
ben
_________________________________________________________________
Get reliable dial-up Internet access now with our limited-time introductory
offer. http://join.msn.com/?page=dept/dialup
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]