Jim, Only allows outbound 53 which is fine. Won't be allowed to execute the .exe though or am I missing something?
k41zen On 30 Mar 2011, at 12:47, Jim Halfpenny wrote: > Hi, > Does the firewall do packet inspection on DNS traffic or is it just a > rule to allow port 53 outbound? You can shovel the data over netcat if > you can connect to a remote system on which you've put a listener on a > permitted port. > > Regards, > Jim > > On 30 March 2011 07:44, k41zen Me <[email protected]> wrote: >> I need to get some user data of a laptop. I have written permission to do >> whats necessary. What I don't have is a lot of time. >> >> Laptop is running Vista SP1 fully patched up to Jan 2011. System is >> bitlockered. I have the users cached creds and the bitlocker PIN so logging >> in as the user is not a problem. System has a software VPN solution on it >> but certificate has failed rendering the NIC useless and removing a whole >> heap of remote options. >> >> System is locked down so that: >> >> 1) 3rd party app stops devices from being attached to the laptop (USB, >> Expresscard, PCI, serial & parallel ports, firewire) >> 2) User has CD/DVD read but not write >> 3) user account rights are very limited >> 4) whitelist in place with mixture of GPO's and 3rd party app to limit >> what the user can run and from where on the system >> 5) cannot stop services >> 6) cannot delete files to break security apps or stop services >> 7) local admin account has been disabled >> 8) FW configured to only allow out DNS and VPN traffic to establish >> session >> 9) user cannot renew VPN cert >> >> I dont have bitlocker recovery PIN so booting into safe mode or placing >> drive into another machine is a no go. Also not stored in AD. >> >> I can't see any other ways to extend to functionality of the laptop so am >> now into privilege escalation. With all the meassures in place anyone know >> of anything that would work? >> >> TIA >> >> k41zen >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
