My idea is: take a server, and then in iis web site, using the upload loopholes preach a webshell, bothered webshell right after, I think this is, but when I do the experiments I always feel I think is wrong, and (probably thinking I won't do it)
In addition, the right to ask the Windows common method which, the teacher just about two network security of the popular science classes, or recommend what book, thank you for the
CodePudding user response:
https://blog.csdn.net/freestyle4568world/article/details/54712901CodePudding user response:
Your mind is too narrow, not the original core idea!Thinking:
1, the rights of the operating system itself,
1.1, using the public disclosure of the Windows operating system, for a particular system services, the use of the code for elevated privileges leaky has publicly, on the Internet, you can find a number of such public disclosure, many have POC,
1.2, their mining (basic probability is 0),
2, the operating system installed on the right of all kinds of software of
2.1, the operating system comes with some software, found a loophole in the elevated privileges, such as open hole,
High of 2.2, the operating system installed on the permissions of software, such as antivirus software many vulnerabilities have permissions, you can use the right software vulnerabilities,
3, false elevated privileges
Such as bypass the UAC, use of limited administrator privileges to enter administrator privileges,