Penetration Testing mailing list archives
Re: Copying secret windows file
From: jwbensley () gmail com
Date: 24 Dec 2007 06:40:41 -0000
The SAM file is protected; it is always in use because somebody is logged on. Use pwdump if you can upload files and execute them (if you can, slap a trojan/backdoor in too!). Apart from that there's not a lot I can say unless you can execute commands (because if you can, you can upload files and restart the server and copy the SAM file before it boots into Windows, before it's protected, or copy the registry, but that's only if you can execute commands?).

What kind of server is it, what's running? Is it Exchange? Copy the Exchange database (although that will probably be massive) then sieve through people's emails? Or if it's a web server, look for protected parts on the website: is there a .htaccess restricted area? If so, try and grab the .htpasswd file? Is it an SQL server? If so, try to download the tables, see if there is a tblUsers or something like that? Does it have any shares, i.e. if it's a domain controller (Active Directory), look for staff personal shares where their working is stored for mapped network drives (even better would be to see if it is split, say a folder for finance, a folder for management, a folder for IT (Jackpot!)).

Hope this helped somehow?!?!

Bensley.