PaulDotCom mailing list archives
Re: Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users
From: Mike Patterson <mike () snowcrash ca>
Date: Tue, 19 Apr 2011 13:04:23 -0400
My bet would be it's used to clearly mark service accounts, based on the actual text. I've seen other delimiters used to mark admin and domain admin accounts in a similar fashion. On 2011/04/19 8:35 AM, Cody Dumont wrote:
Thanks for the quick response, I will talk to my customer and see if they have usernames that begin with a "#" sign. On 4/19/11 8:24 AM, "Paul Asadoorian" <paul () pauldotcom com> wrote:Hey Cody, I don't see anything in the plugin code that would place a "#" character in the plugin output. This was either put in the user name when the user was created (if that is even a valid character) or is some weird windows thing. Anyone else have thoughts? Cheers, Paul On 4/18/11 1:15 PM, Cody Dumont wrote:Good afternoon all, When doing a Nessus scan with "10399 - SMB Use Domain SID to Enumerate Users" plugin ID enables, so of the accounts have the "#" sign in front of the name. Here is an example, can you tell what the "#" means? - #iDevice (id 1234) Thanks Cody ------------------------------------------------------------------------ Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 Fax: 1.877.846.2187Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users Cody Dumont (Apr 18)
- Re: Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users Paul Asadoorian (Apr 19)
- Re: Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users Cody Dumont (Apr 19)
- Re: Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users Mike Patterson (Apr 19)
- Re: Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users Cody Dumont (Apr 19)
- Re: Nessus Plugin ID #10399 - SMB Use Domain SID to Enumerate Users Paul Asadoorian (Apr 19)