Home page logo

pen-test logo Penetration Testing mailing list archives

Solaris Beginner
From: pma111 <pmaneedham () hotmail com>
Date: Mon, 4 Jan 2010 09:08:31 -0800 (PST)

Is it possible to access data from a Solaris Server on Windows XP machine? If
so could you provide tools or strategies to accomplish this. I've heard of
SAMBA but would prefer some detail on how this works, i.e a share on the
Solaris box would have to be a SAMBA share would it not? Is it possible to
access data on a solaris server from a windows machine in the same active
directory domain, but without any specialist software?

I have a copy of the /etc/shadow/ file from the Solaris Server which
contains the encrypted passwords but I cannot find any Windows based
crackers that will crack these passwords. I also dont know what client
software would be required to access data on the Server from a Windows
machine even if I do decrypt some weak passwords? Did see some mention of
Putty but am unfamiliar with this or SAMBA. I also assume that any "open
file shares" on the Solaris box wont be mappable or reachable to a windows
machine, as is the case on win2k and windows 2003 servers, when all you need
is my network places and hope some of the shares hav been given the deadly
"everyone acl" in NTFS? I appreciate Solaris uses a totally different file
system to NTFS but I assume you can share directories with anyone on the
network if desired? Any tips on accessing data on this Server from Windows
much appreciated.

Out of interest, what are the mailing lists views on Security of a Solaris
Server if every user on the internal network only have windows machines?
Even if there is a weak password or open file share on the Solaris Server,
without specialist software is it fair to say the windows users still
wouldnt be able to get hold of data on the Server, or is that a very naive
view on things?  
View this message in context: http://old.nabble.com/Solaris-Beginner-tp27015916p27015916.html
Sent from the Penetration Testing mailing list archive at Nabble.com.

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]