Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Classes?

From: vision () WHITEHATS COM (Max Vision)
Date: Mon, 18 Oct 1999 02:10:53 -0700

Well, if you own the book then the password is given to you.  However,
they chose a very easy-to-guess dictionary variant for their ZIP files.
(in particular the unixscan.zip and ntscan.zip)

Determining the password by way of cracking the zips took all of 1 minute
and 14 seconds, so it's not exactly a secret :)

If you can't get the scripts for whatever reason, don't worry that you are
missing out on much.  They are just wrappers for the following utilities:

ntscan.pl is a wrapper for:
  netviewx, netcat, snmputil, epdump, getmac, local, global, user2sid,
  sid2user, netdom, dumpacl

unixscan.pl is a wrapper for:
  finger, dig, showmount, strobe, nmap, fping, rpcinfo, snmpwalk,
  icmpquery

You can find almost all of the above utilities by using a search engine,
any will do.  However, you do need the Microsoft NT Resource Kit (contains
netdom.exe, local.exe, global.exe, and getmac.exe) for the ntscan checks.

Max

On Sun, 17 Oct 1999, Bacano wrote:

Check also the site of the book: http://www.hackingexposed.com (even who had
buy the book must go there to copy the apps refered on the book - no CD
included - there is one zipped app protected with password ... have fun eheh
its easy to find anyway ...)

Other nice (also new) book its Maximum Linux Security
(http://www.samspublishing.com - isbn 0-672-31670-6 - CD with apps included,
and with it, if you dont have a volume manager: mount -tiso9660 /dev/cdrom
/mnt/cdrom ... then to install files on HD type: sh /mnt/cdrom/setup )

[ ]'s ... Bacano
Previous By Date Next
Previous By Thread Next

Current thread: