RE: SMBRelay issues

From: Zwan-van-der.Erwin (Erwin.Zwan-van-derat_private)
Date: Wed Dec 12 2001 - 23:32:33 PST

Next message: Thomas Springer: "Re: SMBRelay issues"

Previous message: Steven Kieffer: "Stunnel / Unitools / IIS Question"
Maybe in reply to: Thad Horak: "SMBRelay issues"
Next in thread: Thomas Springer: "Re: SMBRelay issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

PS: You might have a look at a tool called WCI as well (Command line tool to
intercept connections for Windows. Including automated routing, bridging and
complete SMB network environment interception, ARP redirection/spoofing. For
sniffing in switched Windows networks. Source included.
http://www.securityfocus.com/tools/1635) However the tool did not worked too
well for me. Seem to have problems setting it up and running. I am still
looking for another tool to do ARP spoofing from a Windows NT command line
rather then Linux(The hosts penetrated always seem to be running WNT or W2K,
never Linux....).

-----Original Message-----
From: Thad Horak [mailto:thadhorakat_private]
Sent: woensdag 12 december 2001 21:18
To: pen-testat_private
Subject: SMBRelay issues


Has anyone successfully used SMBRelay to gather any
information during a pen-test? I'm trying to get it
working in my lab and continue to run into errors.
I've got it to grab port 139 on my w2k box, but it any
machines try to connect to it, I get something like
"Error receiving data". Does anyone have any notes
from successes? All I can find is the write up that
Sir Dystic did for the distribution. Any suggestions
are appreciated. Thanks.

Thad Horak

__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Thomas Springer: "Re: SMBRelay issues"
Previous message: Steven Kieffer: "Stunnel / Unitools / IIS Question"
Maybe in reply to: Thad Horak: "SMBRelay issues"
Next in thread: Thomas Springer: "Re: SMBRelay issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Dec 13 2001 - 12:03:42 PST