Thread: Bypassing a Cisco IOS firewall

There is a bit of confusion in your story....


when you say you have dumped the password hashes using fgdump and cracked it. My question to you is very simple. How did you dump the hashes with fgdump because, fgdump asks you the administrative priviledged account password for dumping the hashes.

So, if you already know the administrator password, why did you crack it?
how did fgdump work without providing the password???

If you check the second line of my post I have mentioned

a webshell, "a non interactive .php shell" on a webserver the shell was having NT-Authority System privileges.

NT-Authority System privileges is system account which hold more power than Admin accounts, if we could run codes in context of an installed admin service this is possible here php helped in attaining system acess.

Nice thought though.

Originally Posted by fb1h2s

If you check the second line of my post I have mentioned NT-Authority System privileges is system account which hold more power than Admin accounts, if we could run codes in context of an installed admin service this is possible here php helped in attaining system acess.

Nice thought though.

Got you...!

Like master like follower........ its just FB1 version of B0nd's - Boot to Remote Root. I am not comparing anything here... but what I all see is you both share the same passion when it comes to hacking...

awesome...... and i was one of those luckiest person who were there not to read but to listen this idea... watch this idea live....... I felt so enlightened and inspired that i can not explain in words.....i wont say awesome share . or keep it up or anything... all i have for these guys is a big FAT THANK YOU....

Thanks for sharing dude its worth appreciating