Penetration Testing mailing list archives

Re: Exploiting IPC$

From: τ∂υƒιφ * <tas0584 () gmail com>
Date: Tue, 29 Dec 2009 17:25:04 +0530

If you are allowed active exploitation then try SMB exploits in
Metasploit. Though you have mentioned, just verify again there is
there is no NULL session enumeration.

Command
net use \\X.X.X.X\ipc$ "" /u:""

If it works then you can do the NULL sessions enumerations, run
dumpsec, superscan, NETBIOS enumerator etc. There are lot tools our
there to get the details.

-
Thanks
Taufiq
http://www.niiconsulting.com

2009/12/28 Himanshu Goyal <idhimanshu () gmail com>


Hello,

Can somebody share how to exploit port 445. I am doing a VA and found
port 445 open.

When I try to connect IPC$, it says access denied.

Thanks

Cheers-
Himanshu

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Exploiting IPC$ Himanshu Goyal (Dec 29)
- Re: Exploiting IPC$ τ∂υƒιφ * (Dec 29)
- Re: Exploiting IPC$ mike (Dec 29)
- Re: Exploiting IPC$ Victor Bishop (Dec 29)
- Re: Exploiting IPC$ Jerome Athias (Dec 29)