[prev in list] [next in list] [prev in thread] [next in thread]
List: nessus
Subject: Re: Easy way to check for NULL admin passwords
From: Renaud Deraison <deraison () nessus ! org>
Date: 2005-03-24 22:49:52
Message-ID: 20050324224952.GA28795 () nessus ! org
[Download RAW message or body]
On Thu, Mar 24, 2005 at 04:23:16PM -0600, Engstrom, Glenn E (Glenn) wrote:
> I have been looking to see if there is a quick scan I can run to just check if on \
> any windows boxws the administrative account has a NULL password. I was thinking of \
> just setting the SMB account and password appropriately, but not sure which \
> plugin(s) to select.
smb_login.nasl does that. However if you want to simplify it, you can
write the following :
Write a plugin which does the following :
----
include('smb_func.inc');
if ( ! get_port_state(kb_smb_transport()) exit(0);
soc = open_sock_tcp(kb_smb_transport());
if ( ! soc ) exit(0);
session_setup(socket:soc, hostname:kb_smb_hostname());
r = NetUseAdd(login:"administrator", share:"IPC$");
if ( r != 1 ) exit(0); # Could not log in
if ( session_is_guest() ) exit(0); # ForceGuest is set in the registry
security_hole(kb_smb_transport());
NetUseDel();
----
-- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic