Remember the process of raising the right of a cup

Goals: http://www.bkjia.com (replace only the target site, not the site)

In the previous shell, I did not test it in advance. Check your luck !!!!!!
 
Target Server Information Collection
Upload a Trojan
First, run whoami.
 

 
Low Permissions
 
View port
 
 
1433 3389 is enabled. We can try 3389 to connect
 
If no connection is provided, hardware protection is recommended. Continue to see no. First, check if you can add an account.
Check Network Connection
 
 
It seems to be an Intranet
 
 
The server configuration is not very good
Let's see if asp supports !!!
By the way, we can see
 
Value = "server = 127.0.0.1; uid = sa; pwd = swustinfo9901; database = info"/>
 


Not Supported !!!!
Similarly, php does not support !!!!!!!!!
 
Develop an Elevation of Privilege plan: 1. Use 1433. 2. Use the Elevation of Privilege exp. 3. Use other key information
 
1433 Elevation of Privilege: Connection-Execute whoami
 
 
 
Sa has been downgraded !!!!!!!!!
 
Execute the second scheduler claim Authorizer exp
Upload cmd + exp
 
 
I don't know if I can do it. So many times have been done...
 
Continue, regardless of the results, just process !!!!!!!
 
View System Patches
 
No patches are installed !!!!!!!
 
No, it should be something that many people can win .. There are other reasons
 
Let's continue!
 
 
Pr does not work !!!
Let's change the sa permission.
 
 
Access denied ....
 
Microsoft SQL Server 2008 (RTM)-10.0.1600.22 (X64) Jul 9 2008 14:17:44 Copyright (c)
1988-2008 Microsoft Corporation Enterprise Edition (64-bit) on Windows NT 6.1 (Build 7601: Service Pack 1)
 
 
 
Windows2008 + sqlserver2008 speechless !!!!!! Single-core server ..
 
I heard that 2008 iis7 can be used for permission escalation. Try again.
 

 
Cup!
It seems that you have to wait for 2008exp to come out and try again! You guys look ugly!
 
Http://web-attack.org/viewthread.php? Tid = 632