-
August 12th, 2003, 09:33 AM
#1
Member
NetBIOS Question
Hi,
I am doing a test on two servers at work.
Netbios on the two servers is enabled and accessible to those who enter correct username and password combinations.
My question is this:
If someone has access to a computer through Netbios (net use * \\192.168.0.1\C$ /U:surreal) can they execute programs that would execute on the server itself and not on the client that issued the command? If so how?
Thanks for your time.
Regards,
Surreal
-
August 12th, 2003, 02:24 PM
#2
Member
Yeah...follow this link and your question will be answered.
http://www.codeguru.com/network/xCmd.html
Hope this helped a bit!
-
August 13th, 2003, 12:46 AM
#3
no but they can aways use WMI tool like psexec
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
August 13th, 2003, 09:39 AM
#4
Originally posted here by Tedob1
no but they can aways use WMI tool like psexec
psexec is definitely a cool tool
It's part of the pstools package and can be downloaded for free on the SysInternals website.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
August 13th, 2003, 05:48 PM
#5
Yes, as has been mentioned PSEXEC is a favorite but there are many others. If you are using NetBios make sure you have the NullSession disabled or all your work will be for naught. A nice little program like ENUM.EXE can quickly enumerate accounts and TONS of useful info as well as perform a dictionary attack on NetBios shares which can quickly lead to the comprise of an otherwise sturdy seeming network, this also emphasizes the importance of strong passwords. I have been able to comprise many a server through the use of simple tools such as enum and a good wordlist.
-Maestr0
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|