Re: [NSE] SMB authentication patch

[David Fifield <david () bamsoftware com>]

On Fri, Oct 10, 2008 at 11:12:07AM -0500, Ron wrote:
> > How come I don't see my main "david" account? Is it because it's the
> > same as the Administrator account? It was the account I set up the
> > computer with.
>
> Well, I see a couple odd things:
> - You were able to enum accounts through LSA but not through SAMR. LSA  
> is a bruteforce type lookup, so it can miss accounts. I'm guessing it's  
> a permissions thing, try assigning the user to the administrators group  
> and see if you get better information.

jrandom is an administrator, and I tried with my "david" user name and
password with the same results.

> - The first account, with RID 1010, seems to have the username  
> ",\xE0J\xC0V". I'm not sure if it's supposed to be obfuscated or if I  
> ended up in the wrong field, but it would be useful if you could send me  
> a pcap. RID 1018 is also odd, "Kurt G\xF6del" -- is the username in  
> unicode or is it being read incorrectly?

Those are special names that I use for Zenmap internationalization
testing, so they are supposed to be non-ASCII. See
http://seclists.org/nmap-dev/2008/q3/0796.html.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org