Security Basics mailing list archives
RE: Network Mapping
From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Thu, 11 Sep 2008 09:00:42 +1000
Afaik, the password is encrypted when in the command(it is for runas) and on the wire but if you write a script, then you are more than likely putting the password in clear text in the script.(unless you write it to prompt for a password and somehow encrypt that interaction which seems like a lot of trouble). There are utilities that can pass encrypted passwords for runas and maybe they could do it for net use. Is this a logon script, if so, then why not use GP to apply the script? Is it vbscript? Then you can use something like this in WSH; WSHNetwork.MapNetworkDrive "W:", "\\YOURSERVER\" & UserString, PERSISTENT Much easier.
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of s0h0us () yahoo com Sent: Thursday, September 11, 2008 1:20 AM To: security-basics () securityfocus com Subject: Network Mapping are passwords use in a net use command encrypted? i'm writing a script to map a drive (to a windows 2003 server) in the background, passing username and password parameters,i just wasn't sure if the password could get pickup in clear text using a sniffer. thanks for your feedback
Current thread:
- Network Mapping s0h0us (Sep 10)
- RE: Network Mapping Murda Mcloud (Sep 11)
- Re: Network Mapping Kurt Buff (Sep 11)
- Re: Network Mapping Nikhil Wagholikar (Sep 11)