Thread: ASP.NET Remote Process Start
-
25th October 2007 20:41 #1
ASP.NET Remote Process Start
, ASPNET .
- :
, . , .
2 . WMI. , WMI , . permissions Management Consoles WMI DCOM.
credentials . :
1. , , WMI , .
2. Production Server , .
limited , Users Group, WMI .
System.Management. , ConnectionOptions, ManagedPath, Scope .. . - .
( , , , (: ):
, exception.
Code:
using System.Management;

ConnectionOptions options = new ConnectionOptions();
// The backslash between machine and user must be escaped in a regular string literal.
options.Username = "COMPUTER_NAME\\USER";
options.Password = "PASSWORD";
options.Authentication = System.Management.AuthenticationLevel.PacketPrivacy;
ManagementScope scope = new ManagementScope(@"\\COMPUTER_NAME\root\cimv2:Win32_Proc", options);
scope.Connect();

ConnectionOptions Authority, (, , , ). EventLog- , , Security Audit, Kerberos. ConnectionOptions NTLM.
Authentication , Packet, PacketPrivacy.
,
Exception- :
Code:
// , ,
options.Authority = @"Kerebros:\\COMPUTER_NAME";
1) Access Denied scope.Connect()
WMI query-.
2) RPC Service is Unavailable,
, WMI DCOM.
-----------------------------------
SP2
IIS , , 2003 Standard.
.NET Framework 2.0 Visual Studio 2005
, - (:
, .
-
25th October 2007 21:20 #2
ISAPI extension ' WinAPI.
:
The LogonUser function attempts to log a user on to the local computer. The local computer is the computer from which LogonUser was called. You cannot use LogonUser to log on to a remote computer. You specify the user with a user name and domain, and authenticate the user with a plaintext password. If the function succeeds, you receive a handle to a token that represents the logged-on user. You can then use this token handle to impersonate the specified user or, in most cases, to create a process that runs in the context of the specified user.
BOOL LogonUser(
LPTSTR lpszUsername,
LPTSTR lpszDomain,
LPTSTR lpszPassword,
DWORD dwLogonType,
DWORD dwLogonProvider,
PHANDLE phToken
);
-
25th October 2007 21:30 #3
Managed Code. , API ((: . Framework- , , ...
.The LogonUser function attempts to log a user on to the local computer.
-
25th October 2007 22:01 #4
windows . .. com ? . dll (in-process) exe - stand alone GUID . GUID . C , . . , wrapper .
-
25th October 2007 21:49 #5
, . . ? , ? ?
-
25th October 2007 21:58 #6
-
25th October 2007 22:12 #7
-
26th October 2007 05:20 #8
managed , , , RPC/COM/DCOM .NET . , .NET unmanaged code. Rpc-API-.
-
26th October 2007 12:29 #9
framework e API-. , . :
* PacketPrivacy user credentials.
Code:
using System.Management;

ConnectionOptions options = new ConnectionOptions();
options.Username = "COMPUTER_NAME\\USERNAME";
options.Password = "PASSWORD";
options.Authentication = System.Management.AuthenticationLevel.PacketPrivacy; // *
options.Impersonation = System.Management.ImpersonationLevel.Impersonate;
ManagementPath path = new ManagementPath("\\\\COMPUTER_NAME\\root\\cimv2:Win32_Process"); // **
ManagementScope scope = new ManagementScope(path, options);
scope.Connect();
ObjectGetOptions obj = new ObjectGetOptions();
ManagementClass classInstance = new ManagementClass(scope, path, obj);
// Win32_Process.Create starts the given command line on the remote machine.
ManagementBaseObject inParams = classInstance.GetMethodParameters("Create");
inParams["CommandLine"] = @"c:\Example.exe";
ManagementBaseObject outParams = classInstance.InvokeMethod("Create", inParams, null);
**Win32_Process , , . Win32_LogicalDisk
NTLM.
-
26th October 2007 19:21 #10
.NET WMI (Windows Management Instrumentation), DLL-, COM RPC
-
26th October 2007 19:49 #11
icaci, , ... COM RPC unmanaged API , ... .NET, , ? , .
-
26th October 2007 20:37 #12
System.Management layer WMI, framework-. MFC- layer Win32 API-. . . .
tips - Framework-. ( multithreading ASP.NET).
-
26th October 2007 22:09 #13
. , , netcat . , ( , ). : http://www.vulnwatch.org/netcat/readment.txt
-
2nd November 2007 14:56 #14
Update . .
Network Share. System.Management.ImpersonationLevel.Impersonate , , Anonymous User, EventViewer-. System.Management.ImpersonationLevel.Delegation, Authority- Kerberos.
Microsoft- ...
-
23rd November 2007 11:02 #15
.NET remoting / WCF . , service- . ... , . , .DLLs . . run- xe- .
http://www.codeproject.com/csharp/RemotingExec.asp
Last edited by delian; 23rd November 2007 at 12:27. Reason:
-
24th November 2007 18:27 #16



