* Title: Microsoft Windows Authenticated Command Execution * Download Psexec Tools : https://technet.microsoft.com/en-us/bb842062 * Date : 5/1/2017 * Architectures : x86, x64 * Targets : Automatic * Version : All Version * VulnerabilityType Other : Command Execution * Vendor of Product : Microsoft * Affected Product Code Base : Windows xp , 7 , 8 , 8.1 , 10 , Windows Servers * Attack Type : Remote * Impact Code execution : trues * Video Link : https://www.youtube.com/watch?v=8yCtOTxe68w&t=11s ============================================= Reported By : Guardiran Security Team [DeMoN] ============================================= Description: We Use "psexec" utility provided by SysInternals To Get Access From Other Users on Server Without Any Payload Or User & Password If I Want To Connect To the Other users Without psexec I Will Get { unknown user or bad password } Error. With psexec ==> Connect Correctly To The User Target Without psexec ==> unknown user or bad password We Can Use Psexec Tool To Connect To the Other USers without Any Username and password For Example: First Check query user then run psexec tool on cmd and run This command [ psexec -s \\localhost cmd ] then user command [ tscon ID Number(for example 1) /dest:console ] Windows Without Checking Any User and Password Connect To The User ID 1 # Iranian Exploit DataBase = http://IeDb.Ir [2017-05-03]