rbk6xs5
Aug 14 2003, 07:37 PM
I need to run a script on our network to determine if we have machines in the field with a blank password. Does anyone know how I can achieve this?
jurk-off
Aug 14 2003, 09:49 PM
you mean you want to look if yur vulnerable??? then use the ipcscan and check yur ips
GAN_GR33N
Aug 15 2003, 03:18 AM
depending on how many computers you are scanning.
if you need to scan alot of boxes i would run "enum.exe" to get usernames.
then use NAT to check for null or weak passwords.
if you only need to scan a few i would try the C.I.S. scanner and disable the modes you don't need
wei
Aug 15 2003, 03:46 AM
if you use windows, maybe MS Baseline Security Analyzer can satisfy your need
virus
Aug 15 2003, 04:24 AM
I suggest GFI LANGuard. Its has the function to establish 'null sessions'. Check it out ....
http://www.gfi.com/lannetscan/
rbk6xs5
Aug 18 2003, 02:50 PM
wow, lots of great ideas. Thanks everyone! I'll post back the solution I used when I get everything working
Edvon
Feb 23 2004, 08:37 PM
So what solution did u use?
Or still not wotking? :|
sylver
Feb 23 2004, 10:23 PM
î think MS Baseline Security Analyzer is the best solution, then u would also see if u need important updates...
DumpZ
Mar 1 2004, 08:09 PM
Are u using a MS Windows domaincontroller? cuz else u can just use pwdump2 in combination with l0pthcrack.
pwdump2 can dump the password hashes.
and l0pthcrack cracks them.
If u r not using aan MS Windows domaincontroller use can scan ur networkt with ipcscan.exe
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
