Penetration Testing mailing list archives
Re: Exploiting IPC$
From: mike () genxweb net
Date: Tue, 29 Dec 2009 06:55:24 -0600 (CST)
The $ shares are virtual shares used to facilitate communication between processes and computers over SMB, often to exchange data between computers that have been authenticated.. Them being there does not mean the machine is vulnerable or not. Back in the day when many cable and other high speed companies did not block netbios hackers would use the net use commands and default admin accounts left on the machine to copy their tools to these machines then execute the tools. I would scan the share with something like xscan to see if you can find a default local admin or user account and see where you can go from there. I would also see if the C$ is available. If you can get an account and that is available you could map that share and copy a kit there.
Hello, Can somebody share how to exploit port 445. I am doing a VA and found port 445 open. When I try to connect IPC$, it says access denied. Thanks Cheers- Himanshu ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Exploiting IPC$ Himanshu Goyal (Dec 29)
- Re: Exploiting IPC$ τ∂υƒιφ * (Dec 29)
- Re: Exploiting IPC$ mike (Dec 29)
- Re: Exploiting IPC$ Victor Bishop (Dec 29)
- Re: Exploiting IPC$ Jerome Athias (Dec 29)