Hi, reading your mail on the fly.... i would say you should try net use with the following style "/USER:domainname\username" or "/USER:hostname\username" because it might be the old problem with the local admin vs domain admin bye... Oliver ----- Original Message ----- From: "Ian Lyte" <ianlyteat_private> To: <pen-testat_private> Sent: Tuesday, October 30, 2001 5:39 PM Subject: Using Null Session information from NAT.EXE > Running NAT.EXE on a machine my local network gives me the following results > [obvious bits changed] > > > [*]--- Reading usernames from user.txt > [*]--- Reading passwords from bigpass.txt > > [*]--- Checking host: xxx.xxx.xxx.xxx > [*]--- Obtaining list of remote NetBIOS names > > [*]--- Attempting to connect with name: * > [*]--- Unable to connect > > [*]--- Attempting to connect with name: *SMBSERVER > [*]--- CONNECTED with name: *SMBSERVER > [*]--- Attempting to connect with protocol: MICROSOFT NETWORKS 1.03 > [*]--- Server time is Tue Oct 30 14:30:36 2001 > [*]--- Timezone is UTC+0.0 > [*]--- Remote server wants us to encrypt, telling it not to > > [*]--- Attempting to connect with name: *SMBSERVER > [*]--- CONNECTED with name: *SMBSERVER > [*]--- Attempting to establish session > [*]--- Was not able to establish session with no password > [*]--- Attempting to connect with Username: `ADMINISTRATOR' Password: `0' > > <---SNIP---> > > [*]--- Attempting to connect with Username: `ADMINISTRATOR' Password: > `password' > [*]--- CONNECTED: Username: `ADMINISTRATOR' Password: `password' > > [*]--- Obtained server information: > > Server=[xxxxxxx] User=[] Workgroup=[xxxxxxx] Domain=[] > > [*]--- Attempting to access share: \\*SMBSERVER\ <file://\\*SMBSERVER\> > [*]--- Unable to access > > [*]--- Attempting to access share: \\*SMBSERVER\ADMIN$ > <file://\\*SMBSERVER\ADMIN$> > [*]--- WARNING: Able to access share: \\*SMBSERVER\ADMIN$ > <file://\\*SMBSERVER\ADMIN$> > [*]--- Checking write access in: \\*SMBSERVER\ADMIN$ > <file://\\*SMBSERVER\ADMIN$> > [*]--- WARNING: Directory is writeable: \\*SMBSERVER\ADMIN$ > <file://\\*SMBSERVER\ADMIN$> > [*]--- Attempting to exercise .. bug on: \\*SMBSERVER\ADMIN$ > <file://\\*SMBSERVER\ADMIN$> > > [*]--- Attempting to access share: \\*SMBSERVER\C$ <file://\\*SMBSERVER\C$> > [*]--- WARNING: Able to access share: \\*SMBSERVER\C$ > <file://\\*SMBSERVER\C$> > [*]--- Checking write access in: \\*SMBSERVER\C$ <file://\\*SMBSERVER\C$> > [*]--- WARNING: Directory is writeable: \\*SMBSERVER\C$ > <file://\\*SMBSERVER\C$> > [*]--- Attempting to exercise .. bug on: \\*SMBSERVER\C$ > <file://\\*SMBSERVER\C$> > > [*]--- Attempting to access share: \\*SMBSERVER\D$ <file://\\*SMBSERVER\D$> > [*]--- WARNING: Able to access share: \\*SMBSERVER\D$ > <file://\\*SMBSERVER\D$> > [*]--- Checking write access in: \\*SMBSERVER\D$ <file://\\*SMBSERVER\D$> > [*]--- WARNING: Directory is writeable: \\*SMBSERVER\D$ > <file://\\*SMBSERVER\D$> > [*]--- Attempting to exercise .. bug on: \\*SMBSERVER\D$ > <file://\\*SMBSERVER\D$> > > [*]--- Attempting to access share: \\*SMBSERVER\ROOT > <file://\\*SMBSERVER\ROOT> > [*]--- Unable to access > > [*]--- Attempting to access share: \\*SMBSERVER\WINNT$ > <file://\\*SMBSERVER\WINNT$> > [*]--- Unable to access > > > Now from here I thought it would just be a case of > > NET USE Z: xxx.xxx.xxx.xxx\c$ /user:administrator password > > to map the C$ to a local z: > > However every time I try that it gives me a > > System error 1326 has occurred. > Logon Failure: unknown user name or bad password. > > Now I have gone to the machine and know that the user:pass combo is correct. > > So, what am I doing wrong? I've searched the archives to no avail and I > notice on Google groups that a lot of people have asked the same question > but not received an answer. So I am turning to you guys ;) > > Ian > > _________________________________________________________________ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp > > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Oct 30 2001 - 16:41:52 PST