Penetration Testing mailing list archives
RE: Access a remote registry
From: "Vladimir Kraljevic" <vladimir_kraljevic () llbudapest hu>
Date: Tue, 15 May 2001 18:01:32 +0200
1. Make sure that guest accnt. is not disabled (it is, by default on Win2K) 2. Make sure that reg key security is set according to your needs ("Guests", "Authenticated users" or even better, "Everyone" for at least, read) 3. Make sure that "Remote Registry Service" is running on your and the other machine 4. You may want to write some code that explores "RegConnectRegistry" API call, because this can give you more sophisticated answers why a call failed. HTH, Vlaad C:\>-----Original Message----- C:\>From: BrainSCAN [mailto:bscan () bigfoot com] C:\>Sent: Tuesday, May 15, 2001 9:53 AM C:\>To: Penetration test C:\>Subject: Access a remote registry C:\> C:\> C:\>Hello. C:\> C:\>I'm checking the security of a Windows NT server. I have C:\>first used Retina C:\>to get a general overview of the server, and it has C:\>discovered that the C:\>Guest user has access to the registry. C:\> C:\>As I'm not the kind of people who believes anything, and C:\>less if it comes C:\>froma program which can give a false alarm, I have tried to C:\>access the C:\>remote registry by myself using regedit, rededt32 and C:\>reg.exe from a W2K C:\>Pro, but with no luck. I have tried connecting after creating a null C:\>session, but it didn't work either. C:\> C:\>I could connect to other computers where I have Admin C:\>level, so it worked. C:\>How do I connect with Guest access? Is Retina wrong or I'm C:\>doing something C:\>wrong? How can I connect to a remote registry? C:\> C:\>Thanks in adavance. C:\> C:\>
Current thread:
- Access a remote registry BrainSCAN (May 15)
- Re: Access a remote registry H D Moore (May 15)
- RE: Access a remote registry Vladimir Kraljevic (May 15)
- <Possible follow-ups>
- Re: Access a remote registry H Carvey (May 18)
- RE: Access a remote registry Steve Skoronski (May 19)
- RE: Access a remote registry H C (May 19)