|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Teh Fizzgig (fizzgig
foofus.net)
Date: Thu Apr 05 2007 - 08:06:21 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
igor.mamuzickoncar-inem.hr wrote:
> Hi all,
>
> Is there any way to get a list of Active Directory users with blank passwords? Of course, I'm attempting to discover such user accounts with domain admin privileges.
Do you have a list of users already or are you seeking that information
as well?
If you already have the user list, might I suggest medusa:
http://www.foofus.net/jmk/medusa/medusa.html
You want the smbnt module along with the -ns option (tests for blank
username as well as username = password). It's multithreaded and pretty
quick with these things.
--f
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]