Possible Windows Scheduler local privilige escalation



Sans has a writeup on Windows local privilige escalation using the Windows scheduler and among other things it might be worth starting out by saying that typically, only Administrative group users in Windows XP are allowed to access the Windows Scheduler. However, I have read reference of some installs that even give guests that capability. If that’s a default setting under some install profile – this is a big problem, if it’s just because the administrator chose to make the scheduler accessible to everyone it’s LESS of a problem, but still worth KNOWING about.


Essentially, the Scheduler runs processes with SYSTEM priviliges and so, if you use the scheduler to run cmd.exe you have a command shell with system priviliges. Now, if you’re already administrator, I’m not sure what greater havoc could be caused by having SYSTEM priviliges, however…. if you are an unpriviliged user that has access to the scheduler you can probably see where this can be a problem.

Really, you would expect that if you with admin priviliges schedule some program, that it would run with admin priviliges (not system…) so this is a problem of sorts. How big a problem depends on whether or not ANY user on the system has access to your scheduler.

Related Posts

Blog Traffic Exchange Related Posts
  • The end for Windows 98 may be a boost to linux? There are articles out about the demise of official Windows 98 and ME support would be a boost to linux uptake. Realistically, I suppose it may, but I personally am not holding my breath. Here's why. 1) The people still running Windows 98/ME are likely doing so because that's what......
  • Remote Tech Support with x11vnc and wrapper script So, the idea is that I wanted something "like" the Ultranvnc Single Click download, only for linux. The main idea being is that if someone is looking for a bit of desktop tech support on linux, we don't need to be giving instructions for 5 different package managers, or source......
  • Microsoft vulnerability whack-a-mole continues..... Translation - Microsoft patched one vulnerability another surfaces.... Incidents.org brings us the frustrating news.... If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released......
Blog Traffic Exchange Related Websites
  • Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
  • The Mental and Behavioral Aspects of Making Change We all know that making change in our lives is both mental and behavioral in nature. Research has shown that in order to make even the most basic changes in our lives, a four step process is involved. The steps are to be positive, add support, make a gesture and......
  • How to Replace Window Screens Windows screens may look tough, but many times they are all too fragile. One small tear can mean a house filled with bugs, but thankfully, it’s easy enough to fix them if you have the right tools. Here’s a quick guide to replacing and repairing window screens that anyone can......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site