Penetration Testing mailing list archives

Re: enumerate NT/Win2k users from a linux machine

From: "Crist Clark" <crist.clark () globalstar com>
Date: Mon, 23 Jul 2001 13:52:20 -0700

Chris Barber wrote:


Hi all;

I have a client that uses primarily Linux workstations for the end users.
They use NT and Win2K servers for the storage of many networked applications
and data.  One of the concerns they have is if users on the network would be
able enumerate the login IDs on the NT/Win2k servers from the Linux
workstations.  I have not seen anything on the net lately that would do this
but I thought I would ask those who do this kind of thing all of the time.
I am not Pen-tester by trade but I do dabble from time to time (when I have
some, time that is).

Can anyone lend a hand?


This is easiest to do from another WinXX machine since all of the libs are
"just there." One really cool set of tools, UserInfo and UserDump, are at,

  http://www.hammerofgod.com/download.htm

These work even if the null user has been restricted. The author, Thor, had
some really fun talks at DEFCON.

A UNIX-based tool I've used is 'nat' (a.k.a. 'nbaudit') from,

  ftp://ftp.secnet.com/pub/tools/nat10/

But I don't think it works against systems where the null user has been
restricted. However, it is simply busy-work to reverse-engineer the 
WinXX-based tools to run on a UNIX-like system like Linux. I am not sure if
this has been done.
-- 
Crist J. Clark                                Network Security Engineer
crist.clark () globalstar com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmaster () globalstar com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

enumerate NT/Win2k users from a linux machine Chris Barber (Jul 23)
- Re: enumerate NT/Win2k users from a linux machine Crist Clark (Jul 24)
- RE: enumerate NT/Win2k users from a linux machine Mike Sues (Jul 24)
- <Possible follow-ups>
- Re: enumerate NT/Win2k users from a linux machine Ulrich Keil (Jul 24)