Penetration Testing mailing list archives

[PEN-TEST] Hypothetical Wargaming

From: H Carvey <keydet89 () YAHOO COM>
Date: Sat, 7 Oct 2000 11:52:36 -0000

Assume you're given a pen test.  All you have is a 
domain name.  A couple of quick checks tell you 
that the systems in question are Win32 machines.

Your goal is to "tag" a file.  No DoS allowed.

IIS, Exchange, and MS DNS are being used.  

What steps do you take?  At each step, what do you 
hope to gain, and what programs/scripts/techniques 
do you use (give program name, and command line 
switches/GUI options)?

At each step, assume both NT and Win2K.

Current thread:

[PEN-TEST] Hypothetical Wargaming H Carvey (Oct 07)
- Re: [PEN-TEST] Hypothetical Wargaming Mark Teicher (Oct 09)
- Re: [PEN-TEST] Hypothetical Wargaming Etaoin Shrdlu (Oct 11)
  - Re: [PEN-TEST] Hypothetical Wargaming Bennett Todd (Oct 11)
  - Re: [PEN-TEST] Hypothetical Wargaming van der Kooij, Hugo (Oct 12)
- <Possible follow-ups>
- Re: [PEN-TEST] Hypothetical Wargaming Dunker, Noah (Oct 09)
  - Re: [PEN-TEST] Hypothetical Wargaming Deus, Attonbitus (Oct 10)
- Re: [PEN-TEST] Hypothetical Wargaming Danny DS Stieler (Oct 09)
- Re: [PEN-TEST] Hypothetical Wargaming H Carvey (Oct 11)
  - Re: [PEN-TEST] Hypothetical Wargaming Deus, Attonbitus (Oct 11)