Security: Getting System Privileges on Windows XP

This is extremely dangerous Exploit.

Using simple command line tools on a machine running Windows XP we will obtain system level privileges, and run the entire explorer process (Desktop), and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. At the time I’m publishing this, I have been unable to find any other mention of people running an entire desktop as system, although I have seen some articles regarding the SYSTEM command prompt.

A quick fix

A way to prevent this from happening at all, would be to make the task scheduler service run under a unprivileged account. You can do this by opening the services control panel (Start > Run > services.msc), and right clicking “Task Scheduler” and going to the Log On tab. Change it to “This Account” and enter the account information you want it to use (has to be an existing account) then restart the service. This may break some programs that use the Task Scheduler and depend on it for SYSTEM access; you have been warned. Otherwise, simple disable the Task Scheduler service.

Read more

Author: admin

I like chocolate, gadgets, open source software, photography, traveling and all shades of green colors. I love spending time with fun loving friends and family members. This is my own online journal.

One thought on “Security: Getting System Privileges on Windows XP”

  1. Hi.
    I can gain an access to the services.msc that you were talking about.
    However, every time I try to change the Log On to my account, system 5 error pops up.
    What should I do?
    I have access to command prompt but every time I try to have system priviledge, the system itself wants me to log into the administrator account… (with system 5 error again).
    A little help… Anyone…

Leave a Reply

Your email address will not be published. Required fields are marked *