Penetration Testing mailing list archives
Re: Using Null Session information from NAT.EXE
From: Tom Fischer <Tom.Fischer () rus uni-stuttgart de>
Date: Tue, 30 Oct 2001 22:04:15 +0100
Hi, On Tue, Oct 30, 2001 at 05:39:30PM +0000, Ian Lyte wrote:
Running NAT.EXE on a machine my local network gives me the following results [...] Now from here I thought it would just be a case of NET USE Z: xxx.xxx.xxx.xxx\c$ /user:administrator password to map the C$ to a local z: However every time I try that it gives me a System error 1326 has occurred. Logon Failure: unknown user name or bad password.
different LAN Manager authentication level? One box sends LM & NTLM responses, the other system refuse LM & NTML? Windows 2000 config: Group Policy\Computer Configuration\Windows Settings\Local Policies\Security Options\LAN Manager Authentication Level Furthermore use: NET USE Z: \\xxx.xxx.xxx.xxx\c$ /user:domainname\username password ciao, Tom -- Tom Fischer Tom.Fischer () rus uni-stuttgart de RUS-CERT University of Stuttgart Tel:+49 711 685-8076 / -5898 (fax) Allmandring 30, D-70550 Stuttgart http://cert.uni-stuttgart.de/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Using Null Session information from NAT.EXE Ian Lyte (Oct 30)
- Re: Using Null Session information from NAT.EXE Oliver Karow (Oct 30)
- Re: Using Null Session information from NAT.EXE Tom Fischer (Oct 30)
- Re: Using Null Session information from NAT.EXE Bikar Dude (Oct 30)
- <Possible follow-ups>
- RE: Using Null Session information from NAT.EXE Herman Sheremetyev (Oct 30)
- Re: Using Null Session information from NAT.EXE Mike Brentlinger (Oct 30)
- RE: Using Null Session information from NAT.EXE Ian Lyte (Oct 31)
- RE: Using Null Session information from NAT.EXE crazytrain.com (Oct 31)