Any chance they could air-freight you the box and let YOU hack it so you don't have to get on a plane?
-----Original Message----- From: Peter van Houten [mailto:[email protected]] Sent: Friday, May 14, 2010 8:14 AM To: NT System Admin Issues Subject: Re: XP Box inaccessible Thanks Tammy; most of my attempts at remote access were fruitless. Besides breaking the login process, the code *seems* to have disabled all access vectors that I know of, with the exception of IPC$ (with null credentials only) via which I have made a connect/disconnect but nothing more and was hoping that some bright spark knew of an attack via this route. It does appear to parse the initial login credentials correctly (and probably stores them). Have nmap scanned aggressively and shown ports 139 & 445 open, hence the partial netbios access as above. The suit using this PC won't allow anyone else other than myself within 50 paces but was able to defer the requirement for the important docs on the system's desktop [say goodbye to his write access to /desktop :-) ], so I have a weekend reprieve (and more time to hack it). -- Peter van Houten On the 14 May, 2010 04:10, Tammy wrote the following: > Can you access the machine's registry from a machine on the network > using remote registry? It has worked for me a few times. (assuming > userinit.exe exists& is intact) > > Worth a look to see if the userinit value in registry is hosed. > > Key: BrokenMachine\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows > NT\CurrentVersion\Winlogon > > Normally the value for userinit is c:\windows\system32\userinit.exe, > > Fix the value, disconnect registry& reboot the box. > > Just in case they have windows installed to a different > directory/drive etc though might want to check here first: > > Brokenmachine\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session > Manager\Environment > > Regards, > > Tammy Stewart (coppertop) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
