Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Using Null Session information from NAT.EXE

From: Tom Fischer <Tom.Fischer () rus uni-stuttgart de>
Date: Tue, 30 Oct 2001 22:04:15 +0100
Hi,

On Tue, Oct 30, 2001 at 05:39:30PM +0000, Ian Lyte wrote:

Running NAT.EXE on a machine my local network gives me the following results 
[...]
Now from here I thought it would just be a case of
NET USE Z: xxx.xxx.xxx.xxx\c$ /user:administrator password
to map the C$ to a local z:
However every time I try that it gives me a
System error 1326 has occurred.
Logon Failure: unknown user name or bad password.


different LAN Manager authentication level? One box sends LM & NTLM
responses, the other system refuse LM & NTML? 

Windows 2000 config: Group Policy\Computer Configuration\Windows
Settings\Local Policies\Security Options\LAN Manager Authentication
Level

Furthermore use:
NET USE Z: \\xxx.xxx.xxx.xxx\c$ /user:domainname\username password

ciao, Tom
-- 
Tom Fischer                              Tom.Fischer () rus uni-stuttgart de
RUS-CERT University of Stuttgart       Tel:+49 711 685-8076 / -5898 (fax)
Allmandring 30, D-70550 Stuttgart           http://cert.uni-stuttgart.de/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: