Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] Novell Universal password retriever

From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 22 May 2011 16:48:38 +0200
Hi all,

I'm attaching a script that attempts to retrieve a users universal password over LDAP.
In case the password policy permits administrators to retrieve user passwords ("Allow admin to retrieve passwords" is 
set in the password policy) this script can retrieve the password.

"Universal Password enables advanced password policies, including extended 
characters in passwords, synchronization of passwords from eDirectory to
other systems, and a single password for all access to eDirectory."

In order to test it, you need Novell eDirectory with a password policy set with the above option for the user you wish 
to recover the password.
The script relies on some changes to the LDAP library committed as r23230.

Cheers,
Patrik

Attachment: ldap-novell-getpass.nse
Description: 


--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: