Penetration Testing mailing list archives
Re: [PEN-TEST] Pen-testing recon tools for NT
From: Attonbitus Deus <Thor () HAMMEROFGOD COM>
Date: Thu, 25 Jan 2001 11:02:07 -0800
User2Sid and Sid2User are nice. They work even with RestrictAnonymous set to 1. I wrote a little C++ functiod that calls the NetUserGetInfo function at level 3 to enumerate info for known users- but it also works great as a quick way to see if "Administrator" is a valid account and the 'real' Administrator, as well as a quick test for "Admin" and "Test" and stuff like that. It also works with RA set to 1. Ben is going to post it to the Bugtraq archives at some point, but I can get with Al if there is interest before then to see if they will post it now. It may come in handy. AD ----- Original Message ----- From: "Batten, Gerald" <GBatten () EXOCOM COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Thursday, January 25, 2001 8:40 AM Subject: [PEN-TEST] Pen-testing recon tools for NT
I was wondering if anybody had any preferences with regards to information gathering tools for NT systems, assuming you have (legitimate) local admin access. I'm looking for tools that can fit nicely on a floppy disk so
that
I can do the analysis of the data off-site. Any tool that requires a re-boot is not an option. I prefer to use the following with my clients: DumpSec pwdump(2) Lophtcrack (once I'm back at my own office) Any other suggestions? Gerald
Current thread:
- [PEN-TEST] Pen-testing recon tools for NT Batten, Gerald (Jan 25)
- Re: [PEN-TEST] Pen-testing recon tools for NT Attonbitus Deus (Jan 25)
- Re: [PEN-TEST] Pen-testing recon tools for NT Nelson Brito(a.k.a. stderr) (Jan 29)
- <Possible follow-ups>
- Re: [PEN-TEST] Pen-testing recon tools for NT Hodge, Tom (Jan 25)
- Re: [PEN-TEST] Pen-testing recon tools for NT Baudendistel Matt Contractor USTC (Jan 29)
- Re: [PEN-TEST] Pen-testing recon tools for NT Thierry (Jan 29)
- Re: [PEN-TEST] Pen-testing recon tools for NT Attonbitus Deus (Jan 25)