Where's my crystal ball? Oh, it rolled under the desk once again. Well, hum, let's blow the dust that covers it... Here we are... So you are using a Microsoft Windows server, isn't it? I don't know the release for sure, the image in the crystal ball isn't very clear (or is it the dust? or maybe my glasses?). And the web server, what can it be? IIS, I suppose. Well, never mind.
Your web server runs under a particular user identity. To achieve you goal, you must ensure that your web server user is able to :
- access the directory where live the programs you want it to run;
- execute the programs you want it to run (from explorer, right-click, Properties, Security tab, add the minimal rights(execution only) for the web server user, normally IUSR_<machinename>).
- instead of juggling with authorizations on system executables, you may make copies in a special directory and give the rights on these copies instead; however these copies may not be updated automatically, among other problems.
| [reply] |
Thanks for the replies.
Unfortunately, I'm still getting problems. I've followed your advice wazoox and there is an IIS user account on the web server which I've given read/execute permissions for the executables I want to run (specifically now, psexec.exe). Its still not running it though - its as if it runs half of psexec and then hangs.
I'll confess to being a complete novice when it comes to IIS - anyone know of anything online that I can read up about it?
| [reply] |
Show Us The Fine Code, dude. My crystal balls has ran out of batteries, and it gets old quickly to play this guessing game. Maybe it works but doesn't display output because you forgot http headers, perhaps it gives some information in the IIS logs, etc. Show the code you wrote, and look at the webserver logs.
| [reply] |
psexec ? - Isn't that the program that lets you run code on a remote machine ?
The IUSER_<computername> account is a LOCAL account, that, by default/design allows execution only on the local machine.
If you need something exotic, try using the runas command to impersonate another identity and execute something. But (warning) this may be a security hazard, because you need to supply the password via STDIN.
"How many times do I have to tell you again and again .. not to be repetitive?"
| [reply] |
| [reply] |
Why would they need to be in the same directory?
Nobody says perl looks like line-noise any more
kids today don't know what line-noise IS ...
| [reply] |
To easily exploit the server
| [reply] |
| [reply] |