
Penetration Testing mailing list archives
Re: Linux Targets in a Windows Domain
From: Steve Lord <steve () 44con com>
Date: Sat, 17 Sep 2011 21:54:36 +0100
The Linux box should be capable of netbios name spoofing and cryptographic authentication attacks. Combine the two and compare hashes to recovered Linux passwords and Robert's your fathers brother. -- This message sent from a mobile phone. On 17 Sep 2011, at 09:04, Ian Hayes <cthulhucalling () gmail com> wrote:
On Tue, Sep 13, 2011 at 12:45 PM, Doyle, Jason (10090) <jason.doyle () protiviti com> wrote:When performing an internal penetration test of a windows domain with an objective of acquiring domain administrator credentials and/or credit card >information, what is considered useful information on a Linux system? I'm in the situation where the only vulnerability I can find and exploit is on a >Linux web server. Of course, I can attempt to crack all the local password hashes, and try to use those credentials on other systems. I'm just >curious if others have found other types of information / methods that have brought them closer to compromising windows systems and / or the >windows domain. At this time I don't know what other services are hosted on the Linux system.There are a couple of things that come to mind... first would be password re-use. Second, if you've compromised a web server and it's internal, you could leverage that with a little iframe fun and browser-autopwn in Metasploit. Have you rummaged through the filesystem, especially the user home directories and /etc config files? Are there any other services running on the Linux box? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Linux Targets in a Windows Domain Doyle, Jason (10090) (Sep 16)
- Re: Linux Targets in a Windows Domain Ian Hayes (Sep 17)
- Re: Linux Targets in a Windows Domain Steve Lord (Sep 17)
- Re: Linux Targets in a Windows Domain arvind doraiswamy (Sep 17)
- Re: Linux Targets in a Windows Domain Ian Hayes (Sep 17)