Penetration Testing mailing list archives

Re: Using Null Session information from NAT.EXE

From: Bikar Dude <bika () nuclear biodome org>
Date: Tue, 30 Oct 2001 20:03:03 -0500 (EST)

Compile a modified smbclient with gcc/cygwin on win32.  smbclient will
use it's own stack - this usually fixes a lot of problems with the "net
use" approach with respect to confused user context, existing sessions
to a system and LM authentication levels.

Another fun thing to do with smbclient: Read MS00-072. Laugh.  Write
your own exploit.

-b



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Using Null Session information from NAT.EXE Ian Lyte (Oct 30)
- Re: Using Null Session information from NAT.EXE Oliver Karow (Oct 30)
- Re: Using Null Session information from NAT.EXE Tom Fischer (Oct 30)
  - Re: Using Null Session information from NAT.EXE Bikar Dude (Oct 30)
- <Possible follow-ups>
- RE: Using Null Session information from NAT.EXE Herman Sheremetyev (Oct 30)
- Re: Using Null Session information from NAT.EXE Mike Brentlinger (Oct 30)
- RE: Using Null Session information from NAT.EXE Ian Lyte (Oct 31)
- RE: Using Null Session information from NAT.EXE crazytrain.com (Oct 31)