| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040120145828.GB10361@SDF.LONESTAR.ORG> From: petard at freeshell.org (petard) Subject: local SYSTEM on Windows vs. local root on Unix On Mon, Jan 19, 2004 at 04:20:58PM -0500, KF wrote: > I am currious to know what you folks think the differences are between > obtaining local SYSTEM on a win32 box and obtaining root on a Unix machine. > > Same thing? > Different? > One is worse than the other? Which one? Why? > I'd say best case, it's more or less the same thing. NTAUTHORITY\LocalSystem has complete access to all of the resources of the local machine. IIRC, it is possible to create local users and add them to local groups from a program running with LocalSystem privileges. [This is why I'd say it's equal to root in the best case.] In the worst case, it can be much worse than root. If a domain has been improperly configured such that the computer account for the machine on which you've got LocalSystem is overly privileged, you may have gained control over the domain as well :-) Here's a decent summary of the account: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/localsystem_account.asp regards, petard -- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer.
Powered by blists - more mailing lists