Penetration Testing mailing list archives
Re: [PEN-TEST] How to test 1 byte password for win9X share
From: Dragos Ruiu <dr () DURSEC COM>
Date: Wed, 18 Oct 2000 13:45:39 -0700
On Wed, 18 Oct 2000, you wrote:
Fooling around the other night, I added scanning for 1-byte vulnerabilities to NAT (Netbios Auditing Tool). If it can't get into a share without a password, it tries brute-forcing the 1-byte bug. I've only tried this on a Win98 share w/ share-level security, YMMV. Patch is attached.
IMHO the Nessus NASL script for this is one of the slickest bits of work I've seen in a while.... It's a lot less bulky than having to haul around the entire samba tree for an exploit consisting of a 10 line patch... :-) They had some fine timing with that as it has been available for quite a while now..... cheers, --dr -- Dragos Ruiu <dr () dursec com> dursec.com ltd. / kyx.net - we're from the future gpg/pgp key on file at wwwkeys.pgp.net
Current thread:
- [PEN-TEST] How to test 1 byte password for win9X share Fabio Pietrosanti (naif) (Oct 17)
- Re: [PEN-TEST] How to test 1 byte password for win9X share soren (Oct 17)
- Re: [PEN-TEST] How to test 1 byte password for win9X share Christophe GRENIER (Oct 18)
- Re: [PEN-TEST] How to test 1 byte password for win9X share ghandi (Oct 18)
- Re: [PEN-TEST] How to test 1 byte password for win9X share Dragos Ruiu (Oct 18)
- Re: [PEN-TEST] How to test 1 byte password for win9X share soren (Oct 17)