Penetration Testing mailing list archives
RE: How to find the users with local admin rights?
From: "Debasis Mohanty" <mail () hackingspirits com>
Date: Mon, 9 Apr 2007 08:22:10 +0530
-----Original Message-----
From: Debasis Mohanty [mailto:debasis () hackingspirits com]
Sent: Monday, April 09, 2007 8:21 AM
To: 'pen-test () securityfocus com'
Subject: RE: How to find the users with local admin rights?

-----Original Message-----
From: Debasis Mohanty [mailto:debasis.mohanty.listmails () gmail com]
Sent: Monday, April 09, 2007 8:08 AM
To: 'WALI'; 'list () security-database com'; 'igor.mamuzic () koncar-inem hr'
Cc: 'pen-test () securityfocus com'
Subject: RE: How to find the users with local admin rights?

---> I was wondering, if there is an alternative to restrict HelpDesk from knowing local Admin username and password and still not affect their ability to troubleshoot a problem in case they need to have escalated rights on someone's PC? <---

One that I am aware of is MakeMeAdmin. It is used to perform actions on a workstation that require escalated privileges. However, you would still require an admin credential to use it. So create a customized PowerUser or admin user to best suit your need.

Get it here - http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/193721.aspx

Besides this, if you are also looking for a LUA (Least-Privileged User Account) approach, then it is worth looking at this - https://ms.helifan.net/technet/prodtechnol/winxppro/maintain/luawinxp.mspx

Hope it helps.

-d

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of WALI
Sent: Saturday, April 07, 2007 10:12 PM
To: list () security-database com; igor.mamuzic () koncar-inem hr
Cc: pen-test () securityfocus com
Subject: How to find the users with local admin rights?

Hi, on the same lines as an earlier poster who sought to find blank passwords, I was wondering if there is a way to find out who all have Local Administration Rights in my domain?

I mean, I want to audit if our Helpdesk personnel have scrupulously given Local Admin rights on workstations, or created user accounts with Local Admin rights for their friends/acquaintances etc.

I was wondering, if there is an alternative to restrict HelpDesk from knowing local Admin username and password and still not affect their ability to troubleshoot a problem in case they need to have escalated rights on someone's PC? I know, it's a bit unrelated to this topic but it just brought to the fore a question I sought some clues on since long.

At 06:29 PM 4/5/2007 +0200, SD List wrote:

Try this utility http://download.softerra.com/files/ldapbrowser26.msi

I've used it during penetration tests. It enumerates users and a lot of information. Give it a try.

Otherwise, a good Linux tool is here: http://www-unix.mcs.anl.gov/~gawor/ldap/

SD team

Hi all,

Is there any way to get a list of Active Directory users with blank passwords? Of course, I'm attempting to discover such user accounts with domain admin privileges.

Best Regards,
Igor

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Current thread:
- RE: How to find the users with local admin rights? Debasis Mohanty (Apr 09)
- <Possible follow-ups>
- Re: How to find the users with local admin rights? kapil assudani (Apr 09)