Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Hard-coded passwords in WINNT directory?

From: "Loschiavo, Dave" <DLoschiavo () FRCC CC CA US>
Date: Tue, 28 Nov 2000 07:26:57 -0800
How about in cases where null session enumeration isn't possible (firewall,
RestrictAnonymous, etc) but where you can get to c:\winnt\repair (via RDS,
Unicode, etc) and the sytem is running a FAT partition?

How would you go about sifting the registry for account names and passwords
where services are using impersonation?

-----Original Message-----
From: Tom Vandepoel
To: PEN-TEST () SECURITYFOCUS COM
Sent: 11/28/00 3:22 AM
Subject: Re: [PEN-TEST] Hard-coded passwords in WINNT directory?

[snip]

No doubt other interesting tidbits are stored in the registry. The
question is how much you can access with a null session ofcourse...

Tom.


--
_________________________________________________

Tom Vandepoel
Sr. Network Security Engineer

www.ubizen.com
tel +32 (0)16 28 70 00 - fax +32 (0)16 28 71 00
Ubizen - Grensstraat 1b - B-3010 Leuven - Belgium
_________________________________________________
Previous By Date Next
Previous By Thread Next

Current thread: