Penetration Testing mailing list archives
Re: Pen Test Novell 5.5 w/ groupwise ?
From: Tim <pand0ra.usa () gmail com>
Date: Wed, 2 Aug 2006 23:44:51 -0600
I used to admin a Netware system a while back (4.x-6.x) I know of one particular tid-bit where you can use rconsole to connect to the server and login as admin without a password (user:admin, password:<blank>). Since DS is a LDAP system try doing anon LDAP queries. The GW client can be used to connect to other user accounts without logging in as that user (the security setting has to be poorly configured for that) by adding some switches on the run line (/@u or something). What netware services are they running (Print services, iManager, iFolder, etc.)? Make sure you have the client (both novell and GW). The Novell client will ID the systems on the network. Netware typically runs Apache and tomcat for the management console (iManager). A Java interface is also used in setting up something (hey, it's been a few years). Novell's web site has a great search engine and can pin a lot of this down for you pretty quickly. On 8/2/06, Chris Serafin <chris () chrisserafin com> wrote:
Hello all, I'm doing a large pen test of a client who has Novell 5.5 and uses groupwise for their email. In addition to trashing their network via many other vulnerabilities, I wanna try to exploit the Novell system. I have run GFI LanGuard against it, with sad results. I'm running Nessus as I speak, so I don't know the results of that just yet. I saw a new vuln came out today , but it was for 6.x only from the advisory. Anyone have tips or tricks, as I parellel google search? Chris Serafin IT Security / Cisco Engineer chris () chrisserafin com ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- Let's exploit this Tim (Aug 02)
- Pen Test Novell 5.5 w/ groupwise ? Chris Serafin (Aug 02)
- Re: Pen Test Novell 5.5 w/ groupwise ? Tim (Aug 02)
- Re: Let's exploit this Michal Zalewski (Aug 02)
- Re: Let's exploit this James Harless (Aug 02)
- Re: Let's exploit this Serg B. (Aug 02)
- <Possible follow-ups>
- RE: Let's exploit this Krpata, Tyler (Aug 02)
- Re: Let's exploit this Tim (Aug 02)
- Re: Let's exploit this mikeiscool (Aug 02)
- Re: Let's exploit this Tim (Aug 02)
- Re: Let's exploit this Tim (Aug 02)
- Pen Test Novell 5.5 w/ groupwise ? Chris Serafin (Aug 02)