Computer Tips -Tech Info

Sans has a writeup on Windows local privilige escalation using the Windows scheduler and among other things it might be worth starting out by saying that typically, only Administrative group users in Windows XP are allowed to access the Windows Scheduler. However, I have read reference of some installs that even give guests that capability. If that’s a default setting under some install profile – this is a big problem, if it’s just because the administrator chose to make the scheduler accessible to everyone it’s LESS of a problem, but still worth KNOWING about.

Essentially, the Scheduler runs processes with SYSTEM priviliges and so, if you use the scheduler to run cmd.exe you have a command shell with system priviliges. Now, if you’re already administrator, I’m not sure what greater havoc could be caused by having SYSTEM priviliges, however…. if you are an unpriviliged user that has access to the scheduler you can probably see where this can be a problem.

Really, you would expect that if you with admin priviliges schedule some program, that it would run with admin priviliges (not system…) so this is a problem of sorts. How big a problem depends on whether or not ANY user on the system has access to your scheduler.

Popularity: 1% [?]

   Send article as PDF   

• Remote Tech Support with x11vnc and wrapper script So, the idea is that I wanted something "like" the Ultranvnc Single Click download, only for linux. The main idea being is that if someone is looking for a bit of desktop tech support on linux, we don't need to be giving instructions for 5 different package managers, or source......
• Windows Run as to let a legacy program run in XP limited user mode Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program......
• Microsoft updates are out for July and they affect no fewer than 18 issues in Office and Windows. 13 issues are tagged as critical, others as important. They are all bundled into 7 update downloads. 8 vulnerabilities within Excel have been addressed in all of this. Office 2000 users will have to manually update (Office XP/2003......

• Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
• How to Replace Window Screens Windows screens may look tough, but many times they are all too fragile. One small tear can mean a house filled with bugs, but thankfully, it’s easy enough to fix them if you have the right tools. Here’s a quick guide to replacing and repairing window screens that anyone can......
• Improving Body Weight Trek Mountain Bikes Trek Mountain Bikes and Improving Body Weight - Thrilling but often tricky situations make mountain bike riding fun, especially when exploring various kinds of trail including sharp ascents and easy-going countryside. The environmentally friendly and health inspiring qualities of mountain biking mean that everyone is a winner. The mountain bike......

Similar Posts

• Windows Run as to let a legacy program run in XP limited user mode
• Scheduling tasks in linux – the at command
• Hiding a user from the Welcome screen in Windows XP
• Administrative access on linux systems
• Windows lost administrator password rundown….

This entry was posted on Thursday, August 3rd, 2006 at 11:04 am and is filed under Computers, Security, Windows Software, Windows Tech Support. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.