[unisog] Re: Coordinated Scan

Patrick Aland paland at stetson.edu
Thu Apr 4 14:54:36 GMT 2002


null session enumeration is one easy way.

There is a rather nice perl script called null.pl (don't have url handy)
that will get you a list of usernames, shares, etc on a machine.


On Thu, Apr 04, 2002 at 09:04:10AM -0500, Jenett Tillotson wrote:
> 
> Let me also add that I think this was the result of poor user habits.  3
> of the boxes that were broken into had a blank administrator password.
> Also, there were logs of other attempts on campus where one box had 160
> attempts to log into an account with administrator privileges.
> 
> What puzzles me is that none of the accounts involved were actually the
> administrator account, but another account with administrator privilege.
> Excuse my ignorance with Microsoft products, but how does a hacker find
> out the usernames on a Windows box?
> 
> Jenett Tillotson
> School of Pharmacy
> Purdue University
> 
-- 
------------------------------------------------------------
 Patrick Aland                          paland at stetson.edu
 Network Administrator                  Voice: 386.822.7217
 Stetson University                     Fax: 386.822.7367
------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20020404/9b789836/attachment-0006.bin


More information about the unisog mailing list