RE: Network Mapping

["Murda Mcloud" <murdamcloud () bigpond com>]

Afaik, the password is encrypted when in the command(it is for runas) and on
the wire but if you write a script, then you are more than likely putting
the password in clear text in the script.(unless you write it to prompt for
a password and somehow encrypt that interaction which seems like a lot of
trouble).
There are utilities that can pass encrypted passwords for runas and maybe
they could do it for net use.

Is this a logon script, if so, then why not use GP to apply the script? Is
it vbscript?
Then you can use something like this in WSH;

WSHNetwork.MapNetworkDrive "W:", "\\YOURSERVER\" & UserString, PERSISTENT

Much easier.


> > -----Original Message-----
> > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> > On Behalf Of s0h0us () yahoo com
> > Sent: Thursday, September 11, 2008 1:20 AM
> > To: security-basics () securityfocus com
> > Subject: Network Mapping
> >
> > are passwords use in a net use command encrypted?
> >
> > i'm writing a script to map a drive (to a windows 2003 server) in the
> > background, passing username and password parameters,i just wasn't sure
> > if the password could get pickup in clear text using a sniffer.
> >
> > thanks for your feedback