Penetration Testing mailing list archives
Re: Scanning for blank admin passwords on a windows box
From: "Joshua Levitsky" <jlevitsk () joshie com>
Date: Fri, 12 Jul 2002 20:35:39 -0400
I know Nessus (www.nessus.org) can identify machines capable of having Null passwords. If there isn't a test already to try accounts with blank passwords it would be trivial to write a script for Nessus to do the test you want. -- Joshua Levitsky, MCSE, CISSP, EMTD Desktop Systems Engineer AOL Time Warner ----- Original Message ----- From: "Jason" <cisspstudy () yahoo com> To: <pen-test () securityfocus com> Sent: Thursday, July 11, 2002 9:51 PM Subject: Scanning for blank admin passwords on a windows box
I am looking for a fast multithreaded tool that can scan a range of IP addresses and look for blank administrator (or other user accounts) passwords on a windows NT/2000 server. If it can also try the username as password, server name as password that would also be nice. Doing blank password scanning using the following command line syntax is driving me crazy! FOR /L %i IN (1,1,254) DO net use \\XX.XX.XX.%i\IPC$ "" /u:Administrator Any help appreciated. Jason --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Scanning for blank admin passwords on a windows box Jason (Jul 12)
- RE: Scanning for blank admin passwords on a windows box Paul Craig (Jul 13)
- Re: Scanning for blank admin passwords on a windows box Joshua Levitsky (Jul 13)
- Re: Scanning for blank admin passwords on a windows box Anders Thulin (Jul 15)
- Re: Scanning for blank admin passwords on a windows box Olivier Busolini (Jul 25)
- <Possible follow-ups>
- Re: Scanning for blank admin passwords on a windows box Erwin van der Zwan (Jul 15)
- Re: Scanning for blank admin passwords on a windows box Muhammad Faisal Rauf Danka (Jul 15)