Vulnerability Development mailing list archives
Windows 2000 remote brute force
From: Sardañons, Eliel <Eliel.Sardanons () PHILIPS EDU AR>
Date: Tue, 6 Feb 2001 10:11:12 -0300
<<w2kcrack.tar.gz>> With this utility I have made, we are able to brute force the Windows 2000 Advance Server Administrator password, very fast... Just trying the passwords using the LDAP service... You must change all the variables in the program, I couldn't have time to make a parser... I have tryed it in the same LAN and is fast... I have said the Administrator passwords, but if the other Users aren't disabled with a number of trys then you can brute force all the other users.... And I have found a problem in the w2k LDAP service, it sends to you different errors if you request an object that doesn't exist or an object that exist, just you must login as a 'guest' user and try some users names and know if a user exist or not.. and then brute force the password of that user :)
Attachment:
w2kcrack.tar.gz
Description:
Current thread:
- Windows 2000 remote brute force Sardañons , Eliel (Feb 06)
- Re: Windows 2000 remote brute force Christopher Gerg (Feb 06)