hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: Novelll Netware
GovernmentSecurity.org > The Archives > General Network Security
Lysergic
Feb 19 2004, 03:45 AM
what are important files in netware 4.x that contain information thats pertanent to gaining superuser access? and the directorys in which they are contained. (allowable directories from a normal user account)? if possible.
AsuKa
Feb 19 2004, 06:12 AM
QUOTE
allowable directories from a normal user account)?


When a user is created on netware networks, they have permissions for absolutley nothing, so the only thing you can access without compromising the system is what the admin felt that you needed to access for that certain account. By far the most powerful tool to gain access to is the NDS or Novell Directory Service which is a complete administration tool used to manage almost every aspect of the system including user accounts. My knowledge of Novell is extremely limited and this is about all I can tell you, but I will do some researching and post anything I come up with.
zero-maitimax
Feb 19 2004, 08:52 AM
.nlm if i'm right in there are the password.. it can be encrypte

4.xx is very vuln..
blackwarrior
Feb 19 2004, 10:47 AM
I did a little reseach also and i found out there's nothing effective against the new versions of novell but you can still (filtered) up the whole network using this:

http://unixpunx.org/txt/exploits_archive/p...ration/yang.zip

hf kido ohmy.gif
zero-maitimax
Feb 19 2004, 11:09 AM
QUOTE (blackwarrior @ Feb 19 2004, 10:47 AM)
I did a little reseach also and i found out there's nothing effective against the new versions of novell but you can still (filtered) up the whole network using this:

http://unixpunx.org/txt/exploits_archive/p...ration/yang.zip

hf kido ohmy.gif

dos exploit :S
T3cHn0b0y
Feb 19 2004, 12:54 PM
Sudden interest in netware...college/uni perhaps? I know of a guy that exploited 1 machine in my college to get root and added his own admin user. He then setup a keylogger running at SYSTEM level and logged everyones passwords that were logging in on the machine. He soon got a legit admin password (admin on domain) and then used dameware to take over the college.

Pretty sweet huh? ph34r.gif
zero-maitimax
Feb 19 2004, 01:15 PM
QUOTE (T3cHn0b0y @ Feb 19 2004, 12:54 PM)
Sudden interest in netware...college/uni perhaps? I know of a guy that exploited 1 machine in my college to get root and added his own admin user. He then setup a keylogger running at SYSTEM level and logged everyones passwords that were logging in on the machine. He soon got a legit admin password (admin on domain) and then used dameware to take over the college.

Pretty sweet huh? ph34r.gif

lol sound good but who does he wanne install a keylogger..?

and when if the computer has reborn. that every time your computer has been start it but a new fresh image over de c drive....

Black Flag
Feb 20 2004, 01:07 AM
yeah thats true ^^

my school currently has something that ghosts the image of the entire system drive to all computers everyday, so basically even if you do get in theres no use. as everything would just get written over again.
blackwarrior
Feb 20 2004, 11:05 AM
your school probably use "magic cards".. well just (filtered) up the whole network using "yang.exe" its really fun tongue.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.