Penetration Testing mailing list archives
Re: [PEN-TEST] Finding a Windows machine that a user is logged into
From: Joakim Sandström <jode () TRIBALSTORM COM>
Date: Thu, 15 Mar 2001 10:29:17 +0100
Hope this is what you are looking for a small utility that checks the users logged onto a machine (using netbios) the last user in the list is usually the one Ãnteratively logged on if ppl are using pc-anywhere or something similar. There are loads of examples out there on msdn for retrieveing information through netbios that would eval. all computers running and then make a simple script to loop through them and check usersnames..etc.. anyway.. hope this is what you are looking for.. /JODE ps. library needed netapi32.lib and should compile with MS VC++ just fine.. ----- Original Message ----- From: "olle" <olle () NXS SE> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Wednesday, March 14, 2001 3:24 PM Subject: Re: [PEN-TEST] Finding a Windows machine that a user is logged into
On Tue, Mar 13, 2001 at 10:07:54AM +0200, Dawes, Rogan (ZA - Johannesburg)
wrote:
Hi Folks, As part of a demonstration I want to do, I need to find a Windows client that a particular user is logged in to. e.g. on a Windows network, user rdawes is logged in somewhere. I need
the IP
address, so that I can snoop the traffic that he is generating. It is clearly possible to get this info, as for example tools like "net
send
rdawes message" do it. Having done that, I can look in my machine cache using "nbtstat -c" to see who I've been talking to. This is a bit obtrusive, though. I don't want to warn the user that I am watching them, which the "net send" would do. Does anyone have an idea how I can do this quietly?The messenger service used by "net send" uses a broadcast NetBios request for the NetBios name to locate the user. I think netb by sirdystic of cdc might be used to construct such a request, without requiring programming knowledge..... http://pr0n.newhackcity.net/~sd/netbios.html /olle
Attachment:
useron.cpp
Description:
Current thread:
- [PEN-TEST] Finding a Windows machine that a user is logged into Dawes, Rogan (ZA - Johannesburg) (Mar 13)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Ted Behling (Mar 14)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Fredrik Wallström (Mar 14)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into olle (Mar 14)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Joakim Sandström (Mar 15)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Mike Sues (Mar 14)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Stephen P. Wilson (Mar 14)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Chris Winter (Mar 14)
- Re: [PEN-TEST] Finding a Windows machine that a user is logged into Nelson Brito (Mar 14)