Did you know that you can escalate you can become the SYSTEM user on a WinXP box simply by using the at command? Try this at home:
at 11:45pm /interactive cmd.exe
You just scheduled a job that will pop up a new cmd window exactly at 11:45pm. Who is the parent of this window? Why SYSTEM of course. But we are not done yet.
Have the new cmd window up? Good. Now kill explorer.exe using the Task Manager. Yes, just kill it! Keep the new cmd window open though. Use it to run explorer again by typing in explorer.exe. Done!
You are now logged in as SYSTEM. You can now go ahead and do all the nifty admin things that you always wanted to do but your IT department wouldn’t let you. ;) You might get in trouble when they find out though. So, don’t go crazy with your newfound power.
If you still don’t believe me, here is a video that shows you how it’s done.
[tags]privilege escalation, windows xp, hax, system user, administrative privileges[/tags]
Pingback: Terminally Incoherent » Blog Archive » How do you lock down XP Home?