Penetration Testing mailing list archives
Re: Remoxec (Windows)
From: Chris.McNab () trustmatta com
Date: Tue, 17 Feb 2004 17:58:50 +0000
Hi all, Hidenobou Seki has certainly put out a lot of useful tools at www.securityfriday.com. I did a lot of research into the various tools and attack techniques that could be usef against NetBIOS/CIFS/MSRPC services, and found Remoxec to be useful for executing commands via TCP/135. The tools that I ended up mentioning in my O'Reilly book (Network Security Assessment, http://www.oreilly.com/catalog/networksa/) are as follows: MSRPC enumeration: - epdump (http://www.packetstormsecurity.org/NT/audit/epdump.zip) - rpcdump and ifids (http://razor.bindview.com/tools/files/rpctools-1.0.zip) - RpcScan (http://www.securityfriday.com) MSRPC attack & penetration: - walksam (http://razor.bindview.com/tools/files/rpctools-1.0.zip) - rpcclient (part of Samba TNG, http://www.samba.org) - WMICracker (http://www.netxeyes.org/WMICracker.exe) - Remoxec (http://www.securityfriday.com) NetBIOS & CIFS enumeration: - enum (http://razor.bindview.com/tools/files/enum.tar.gz) - winfo (http://ntsecurity.nu/toolbox/winfo.exe) - GetAcct (http://www.securityfriday.com) NetBIOS & CIFS attack & penetration: - SMBCrack (http://www.netxeyes.org/SMBCrack.exe) - SMB-AT (http://www.cqure.net/tools.jsp?id=1) .. I haven't listed any of the obvious tools in there, pwdump3, regdmp, regini, reg.exe, etc. So please don't drop me back a list of 'useful Windows hacking tools' that you've read about in Hacking Exposed and thought I'd missed! Anyway, without Urity in Japan, and the guys at netXeyes in China, my list of offensive tools would certainly be more bare ;] If you do pick my book up when its released in March, I'll be at InfoSecurity Europe (http://www.infosec.co.uk) in April to sign them and chat over a beer. Take it easy, Chris Chris McNab Technical Director Matta Consulting Limited 18 Noel Street London W1F 8GN 08700 77 11 00 --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.astaro.com/php/contact/securityfocus.php ----------------------------------------------------------------------------
Current thread:
- Remoxec (Windows) Hidenobu Seki (Feb 17)
- <Possible follow-ups>
- Re: Remoxec (Windows) Chris . McNab (Feb 17)