Penetration Testing mailing list archives
Re: penetration test in a Windows 2000/NT network
From: H Carvey <keydet89 () yahoo com>
Date: 27 May 2003 20:53:02 -0000
In-Reply-To: <000001c31b8a$24b3b620$0300a8c0@Razvan> Razvan,
1. Get local administrator access to the workstation
(that couldn't bee
too hard now, could it? :) )
Depends. Some simple configuration settings can make it exceedingly difficult to do so...but then, NOT making those settings can make it easy.
1.2. Given that you have physical access to the
computer (and a FDD),
you could try the excellent tool available at http://home.eunet.no/~pnordahl/ntpasswd/.
Excellent suggestion.
5. Find a computer with a modem attached to it (look
around the office..
you're bound to see one.. ask the fellow to mail you
some document, to
get his IP.. I'd say wardial, but it could be hard to
determine the IP
from the phone number, correct me if I'm wrong..
Uh...yeah. Not sure where you're going w/ that one. Also, just b/c there's a modem in the computer, it doesn't mean that it's a good candidate for wardialing. You see, not all modems have software listing for an incoming call. We have desktops modems where I work, and the software is client-based only...it cannot act as a server and answer an incoming call. Oddly enough, that's a prerequisite.
Final thoughts.. I'd leave ettercap and the sorts
towards the end.. that
sort of tools could be quite noisy, and noise is a
no-no.. on the other
hand, windows is a joy to poison (it happily
overwrites static arp
entries, except XP). Anyway, there's quite a lot of
damage to be done
given hands-on access.
I won't disagree...but "damage" doesn't seem to be the goal here. It seems to be more of a case of capture the flag..."damage" will highlight the attempts, and cause (hopefully) some kind of reaction internally. Harlan --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- penetration test in a Windows 2000/NT network heron heron (May 14)
- RE: penetration test in a Windows 2000/NT network Mark Ng (May 14)
- Re: penetration test in a Windows 2000/NT network Michael Thumann (May 14)
- Re: penetration test in a Windows 2000/NT network Chris Beek (May 14)
- RE: penetration test in a Windows 2000/NT network Razvan (May 16)
- Re: penetration test in a Windows 2000/NT network Anders Thulin (May 27)
- <Possible follow-ups>
- RE: penetration test in a Windows 2000/NT network Ballowe, Charles (May 14)
- RE: penetration test in a Windows 2000/NT network Romes, Randall J. (May 14)
- RE: penetration test in a Windows 2000/NT network Herwig . Thyssens (May 15)
- RE: penetration test in a Windows 2000/NT network Matthew Wagenknecht (May 18)
- Re: penetration test in a Windows 2000/NT network H Carvey (May 28)