Penetration Testing mailing list archives

Re: How to find the users with local admin rights?


From: kapil assudani <kapil.assudani () yahoo com>
Date: Sun, 8 Apr 2007 06:36:09 -0700 (PDT)

You can use the Windows 2k Resource Kit and use the following utility, local.exe, with the below usage to find the local
admins in your domain:

#local administrators /DomainName:DomainController

SecN3rd
----- Original Message ----
From: WALI <hkhasgiwale () gmail com>
To: list () security-database com; igor.mamuzic () koncar-inem hr
Cc: pen-test () securityfocus com
Sent: Saturday, April 7, 2007 12:42:10 PM
Subject: How to find the users with local admin rights?


Hi, on the same lines as an earlier poster who sought to find blank
passwords, I was wondering if there is a way to find out who all
have Local Administration Rights in my domain?

I mean, I want to audit if our Helpdesk personnel has scrupulously given
Local Admin rights on workstations, or created user accounts with Local
Admin rights for their friends/acquaintances etc.

I was wondering if there is an alternative to restrict HelpDesk from
knowing the local Admin username and password and still not affect their
ability to troubleshoot a problem in case they need to have escalated
rights on someone's PC?

I know, it's a bit unrelated to this topic but just brought to fore a 
question I sought some clues on since long.



At 06:29 PM 4/5/2007 +0200, SD List wrote:
Try this utility
http://download.softerra.com/files/ldapbrowser26.msi

I've used it during penetration tests. It enumerates users and a lot of
information.
Give it a try.
Otherwise, a good Linux tool is here: http://www-unix.mcs.anl.gov/~gawor/ldap/

SD team

Hi all,

Is there any way to get a list of Active Directory users with blank
passwords? Of course, I'm attempting to discover such user accounts with
domain admin privileges.

Best Regards,
Igor

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------




