Penetration Testing mailing list archives

Re: Access a remote registry

From: H Carvey <keydet89 () yahoo com>
Date: 18 May 2001 16:39:26 -0000

I'm checking the security of a Windows NT

server. I have first used Retina

to get a general overview of the server, and

it has discovered that the

Guest user has access to the registry.


This post brings up another issue...validation.  
Retina reports that the Guest account is 
allowed access to the Registry remotely...but 
how is this validated.

ISS's Internet Scanner used (v5.8,v6.0) used to 
report that the AutoAdminLogon functionality 
existed if the value was set to '0', which 
according to Microsoft is incorrect.  
Rebooting the system proved this.

The point is...if a commercial tool reports a 
vulnerability, and it's not able to be 
replicated, then whom do you believe?

Current thread:

Access a remote registry BrainSCAN (May 15)
- Re: Access a remote registry H D Moore (May 15)
- RE: Access a remote registry Vladimir Kraljevic (May 15)
- <Possible follow-ups>
- Re: Access a remote registry H Carvey (May 18)
- RE: Access a remote registry Steve Skoronski (May 19)
  - RE: Access a remote registry H C (May 19)