Solved

Step to find out about server information,

Posted on 2006-06-12
2
199 Views
Last Modified: 2010-05-18
http://www.theiia.org/ITAudit/index.cfm?act=itaudit.archive&fid=5622
"
To make a manual anonymous connection, users need to run the following command from a command prompt:

     Net use \\<server ip address>\ipc$ /u:"" ""  

In this example, the user includes the server's Internet protocol address in the command (e.g., 10.10.10.10). The /u switch denotes the user account that is being employed to authenticate to the server — a null user account in this case or anonymous user connection.

After the anonymous connection is established, the user can access various security configurations on that server. The information that an attacker connecting as the anonymous user gathers is typically used in conjunction with other tools or attack methods. Such information includes:

    * Lists of computer users, including those in the Active Directory.
    * Lists of groups from the computer, including the Active Directory.
    * Security identifiers (SIDs) for user accounts.
    * User accounts for SIDs.
    * List of shared folders.
    * Account policies.
    * NetBIOS name.
    * Domain name with which the computer is associated.
    * List of trusted domains.
"

I do understand you can see all the shared folders after you execute the command above(  Net use \\<server ip address>\ipc$ /u:"" "" ). By going to that computer on you my computer //servername
But I don't understand how you can get the list of computer users using anonymous connection.
Can someone give me a demo?

0
Comment
Question by:kecoak
2 Comments
 
LVL 14

Accepted Solution

by:
canali earned 500 total points
Comment Utility

Set objDomain = GetObject("WinNT://<server ip address>")
objDomain.Filter = Array("User")

For Each objUser In objDomain
    Wscript.Echo objUser.Name
Next

Gas
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now