OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re[2]: locate windows workstation if you know the username

From: Matthew Leeds (mleedstheleeds.net)
Date: Thu Aug 31 2006 - 11:16:09 CDT


For the terminally lazy, you might Google TCPNetView. This GUI utility will give you both the IP address and MAC address.

----------
---Matthew
*********** REPLY SEPARATOR ***********

On 8/30/2006 at 1:05 PM Mike Sues wrote:

>Hello,
>
>if they're using WINS, send a NetBIOS name
>request for the username, netbios service 03
>(i.e. messenger service) to the WINS server.
>It will respond with the IP of the host registered
>to the user's workstation.
>
>--------------------------------------------
>Mike Sues, GCIH
>CEO & Ethical Hack Specialist
>Rigel Kent Security & Advisory Services Inc
>http://www.rigelksecurity.com
>voice:613.233.HACK
>fax :613.233.1788
>toll
>free :1.877.777.H8CK
>--------------------------------------------
>
>
>-----Original Message-----
>From: offset [mailto:offsetubersecurity.org]
>Sent: Wednesday, August 30, 2006 1:34 AM
>To: pen-testsecurityfocus.com
>Subject: locate windows workstation if you know the username
>
>
>Greetings fellow pen-testers,
>
>Looking for ideas on tracking down a windows workstation if you know the
>username.
>
>I know that if I run net send username "" I can tell that the user
>is online without the message box popping up on their machine (usually),
>but
>I'd like to know which workstation a particular user is at for a targeted
>arp spoofing attack against a client.
>
>-off
>
>------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------