Penetration Testing: RE: Access a remote registry

["Vladimir Kraljevic" <vladimir_kraljevic () llbudapest hu>]

1. Make sure that guest accnt. is not disabled (it is, by default on Win2K)
2. Make sure that reg key security is set according to your needs ("Guests",
"Authenticated users" or even better, "Everyone" for at least, read)
3. Make sure that "Remote Registry Service" is running on your and the other
machine
4. You may want to write some code that explores "RegConnectRegistry" API
call, because this can give you more sophisticated answers why a call
failed.

HTH,
Vlaad

C:\>-----Original Message-----
C:\>From: BrainSCAN [mailto:bscan () bigfoot com]
C:\>Sent: Tuesday, May 15, 2001 9:53 AM
C:\>To: Penetration test
C:\>Subject: Access a remote registry
C:\>
C:\>
C:\>Hello.
C:\>
C:\>I'm checking the security of a Windows NT server. I have
C:\>first used Retina
C:\>to get a general overview of the server, and it has
C:\>discovered that the
C:\>Guest user has access to the registry.
C:\>
C:\>As I'm not the kind of people who believes anything, and
C:\>less if it comes
C:\>froma program which can give a false alarm, I have tried to
C:\>access the
C:\>remote registry by myself using regedit, rededt32 and
C:\>reg.exe from a W2K
C:\>Pro, but with no luck. I have tried connecting after creating a null
C:\>session, but it didn't work either.
C:\>
C:\>I could connect to other computers where I have Admin
C:\>level, so it worked.
C:\>How do I connect with Guest access? Is Retina wrong or I'm
C:\>doing something
C:\>wrong? How can I connect to a remote registry?
C:\>
C:\>Thanks in adavance.
C:\>
C:\>