Another idea of Serv-U Privilege Escalation

This evening when another penetration of a site, encountered some difficulties, so looking for information everywhere. Coincidentally see http://eviloctal.bbnl.org/forum/read.php? Tid = 8157 & fpage = 1

In this article, I have encountered this problem before. However, I have solved it myself, but the method used is different from that used by intruder. I am using sniffing.

Token passed to several friends. they are too troublesome. so I had to come by myself. in fact, I thought of a sniffing method. but because of your laziness. so I don't have to worry about it. later I thought it was a pity to put it down like this. continue to study hacking.

Bytes
It overwrites the local host. If you are afraid of any errors, you 'd better select the same version as the target host's Serv-U.

TIPS:
Anyone studying Serv-U will find out. ftpserver set up with Serv-U. even if the user name is incorrect. it prompts you to enter the password. then submit the user and password together, and then
Verify. While the administrator password of the serv-uis servudaemon.exe. therefore, we only need to use the replaced servudaemon.exe for management. It must connect to port 43958 of the local machine, and then submit
User Password. As long as we get it at this time, we can. If you can see it clearly, you don't need to read it anymore. :) continue here ~!

After Serv-U is run, a green U is displayed in the taskbar. but before that. open wsock expert, select servudaemon.exe, and double-click the green U. that is, Serv-U, and a window will pop up. What information is missing, but there is a modified Serv-U Administrator Account in it. then let's take a look at wsock expert. The data obtained in it is modified.
After that, the account password will be ready!

Xiaolu modified the exp of the Serv-U's Local Elevation permission. Haha, let's also modify it. Open the source code of that exp.

Search for localadministrator and # l @ $ AK #. lk; 0 @ P, and replace it with the account and password you have sniffed. Find a compiler and compile it!

In this way, you can get the permission.




Full text



Exp of Serv-U modified by Xiaolu:
Http://666w.cn/soft/serv-u.c

During this period of time, thank you for your interest in me. Jin thanked her in this article!