http://www.securityfocus.com This message was posted by someone on CFDJList. Curiously enough, he tells exactly how the PoisonBox hackers got in. -----Original Message----- From: Raymond B. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 08, 2001 9:42 PM To: CFDJList Subject: [cfdjlist] RE: OT: Lost Password for server If you have a recovery disk (talking from old NT4 experience so bear w/ me if this is completely off) grab l0phtcrack from l0pht Heavy Industries (now www.atstake.com) and run an audit against the SAM_ file to get a password from the hash. Failing that flog the tech who forgot the pw and have them reinstall and reconfigure the entire system. Hehe, if they didn't patch IIS to the absolute most current (last weeks patch) and left the ISAPI printer service (installed by default) take advantage of the buffer overflow and get yourself SYSTEM access w/ a reverse binding of cmd.exe (check securityfocus.com for explanation). There are other tools that you can use to work your way up, but you have to ask if hacking is really less work than just reinstalling (as you have physical access to the box) Note: I'm assuming this is a stand alone web server and not part of a domain, if it is part of a domain you can just use the domain admin account. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
