Search
Categories
Underground – Manipulating Windows User Accounts
September 21st, 2008 by 
Patchy
Xauthzx’s Underground video describes how to Create, Delete, and Manipulate Windows user accounts from the command line. Although it is a relatively simple procedure, knowing how to use the Windows net command can be very helpful in many situations.
User Commands
net user – Display User Accounts
net user [Username] * – Change a User’s Password
net user [Username] /del – Delete a User
net user [Username] /add – Add a User
net localgroup – Display Local Groups
net localgroup [Group] [Username] /add – Add User to Local Group
Other Useful Commands
net start – Display Services
net start [Service] – Start Service
net stop [Service] – Stop Service
net share – Manage Shared Folders
net view – Display Network Computers
net view \\[Computer Name] – Display Network Computer’s Shared Folders
net use * \\[Computer Name]\[Shared Folder] – Mount Network Shared Folder Full Scale Video Here
Download Here
If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com
User Commands
net user – Display User Accounts
net user [Username] * – Change a User’s Password
net user [Username] /del – Delete a User
net user [Username] /add – Add a User
net localgroup – Display Local Groups
net localgroup [Group] [Username] /add – Add User to Local Group
Other Useful Commands
net start – Display Services
net start [Service] – Start Service
net stop [Service] – Stop Service
net share – Manage Shared Folders
net view – Display Network Computers
net view \\[Computer Name] – Display Network Computer’s Shared Folders
net use * \\[Computer Name]\[Shared Folder] – Mount Network Shared Folder Full Scale Video Here
Download Here
If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com
Posted in Underground | 
1 Comment
Bypass Cisco Clean Access & Cisco NAC Appliance
September 10th, 2008 by Patchy
Cisco NAC Appliance (formerly Cisco Clean Access) is a Network Admission Control (NAC) product that is uses to enforce security policy on computers seeking to access network resources. Therefore, an administrator can force users to comply to a policy that requires the user to install or remove programs. For example, a university I previously attended required students to install McAfee Antivirus Software and remove Peer-to-Peer programs before they were allowed to access the internet.
To bypass Cisco Clean Access a user can simply change their browser’s User Agent to an Operating System that does not require this program [ex. Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.8) Gecko/20050511]. An easy way to change your User Agent in Firefox is to download User Agent Switcher.
With Cisco NAC Appliance, Cisco added additional detection mechanisms such as TCP fingerprinting and JavaScript OS detection, so the User Agent trick will not work. However, by changing the default parameters of the Windows TCP/IP stack the user can still connect to the network without running any host-based checks. You can do this with Kevin.
Video Demonstration: Full Scale Video Here
Download Here
To bypass Cisco Clean Access a user can simply change their browser’s User Agent to an Operating System that does not require this program [ex. Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.8) Gecko/20050511]. An easy way to change your User Agent in Firefox is to download User Agent Switcher.
With Cisco NAC Appliance, Cisco added additional detection mechanisms such as TCP fingerprinting and JavaScript OS detection, so the User Agent trick will not work. However, by changing the default parameters of the Windows TCP/IP stack the user can still connect to the network without running any host-based checks. You can do this with Kevin.
Video Demonstration: Full Scale Video Here
Download Here
Underground – Combine Files
September 4th, 2008 by Patchy
In this Underground video, Crash Overron demonstrates how to hide a RAR file inside an Image file. He does this by utilizing a binary combine which basically concatenates the two files together. To accomplish this in windows use the command:
copy /B [File1 (Image)] + [File2 (RAR)] [Destination File (Image)]
The resulting file can still be view as an image, and the RAR file can still be unpacked. Not only, can this trick be used as a simple type of steganography, but also, it can be used in certain situations to exploit a flaw in a website. If a website has a Local File Inclusion (LFI) flaw and allows users to upload images, an attacker can inject PHP code into the website by using this technique to combine an Image file with a PHP file. Full Scale Video Here
Download Here
If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com
copy /B [File1 (Image)] + [File2 (RAR)] [Destination File (Image)]
The resulting file can still be view as an image, and the RAR file can still be unpacked. Not only, can this trick be used as a simple type of steganography, but also, it can be used in certain situations to exploit a flaw in a website. If a website has a Local File Inclusion (LFI) flaw and allows users to upload images, an attacker can inject PHP code into the website by using this technique to combine an Image file with a PHP file. Full Scale Video Here
Download Here
If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com
Posted in Underground | 6 Comments