Penetration Testing mailing list archives

Re: [PEN-TEST] Network Mapping


From: H Carvey <keydet89 () YAHOO COM>
Date: Thu, 14 Sep 2000 16:56:00 -0000

With NT Hosts for instance you may want to map all the hosts that have
accounts in a particular domain (I wrote a Perl script to do this).

This is a functionality that has uses in vulnerability 
assessments and pen tests.  If you don't mind me 
asking, what does the Perl script look like?  

I've found that, in Perl, one of the API calls that is 
wrapped up in the Lanman module can be used to 
enumerate the NetBIOS names of machines that the 
target sees on the wire.  I've gotten this to work 
successfully over the Internet.  I am sure that this is 
nothing new...but has definite uses, in both white and 
black hat situations...though I really haven't put any 
thought into converting this into a viable step as part 
of either.

Carv

