Re: penetration test in a Windows 2000/NT network

From: H Carvey (keydet89_at_yahoo.com)
Date: 05/27/03

    Date: 27 May 2003 20:53:02 -0000
    To: pen-test@securityfocus.com
    
    
    In-Reply-To: <000001c31b8a$24b3b620$0300a8c0@Razvan>

    Razvan,

    >1. Get local administrator access to the workstation (that couldn't be
    >too hard now, could it? :) )

    Depends. Some simple configuration settings can make
    it exceedingly difficult to do so...but then, NOT
    making those settings can make it easy.

    >1.2. Given that you have physical access to the computer (and a FDD),
    >you could try the excellent tool available at
    >http://home.eunet.no/~pnordahl/ntpasswd/.

    Excellent suggestion.

    >5. Find a computer with a modem attached to it (look around the office..
    >you're bound to see one.. ask the fellow to mail you some document, to
    >get his IP.. I'd say wardial, but it could be hard to determine the IP
    >from the phone number, correct me if I'm wrong..

    Uh...yeah. Not sure where you're going w/ that one.
    Also, just b/c there's a modem in the computer, it
    doesn't mean that it's a good candidate for wardialing.
    You see, not all modems have software listening for an
    incoming call. We have desktop modems where I work,
    and the software is client-based only...it cannot act
    as a server and answer an incoming call. Oddly enough,
    that's a prerequisite.

    >Final thoughts.. I'd leave ettercap and the sorts towards the end.. that
    >sort of tools could be quite noisy, and noise is a no-no.. on the other
    >hand, Windows is a joy to poison (it happily overwrites static ARP
    >entries, except XP). Anyway, there's quite a lot of damage to be done
    >given hands-on access.

    I won't disagree...but "damage" doesn't seem to be the
    goal here. It seems to be more of a case of capture
    the flag..."damage" will highlight the attempts, and
    cause (hopefully) some kind of reaction internally.

    Harlan
