Electronic Books

m. on January 16, 2004.


The account has had 9 bad password attempts.


The Administrator has only logged in to this computer 2 times.


The PasswordExp is set to 0. (This tell us that the password never expires.)


The logon hours are all set to 1. (This tells us that the Administrator can log
in 24/7.)


Other information.
The username Administrator details have been successfully enumerated
via the USERDUMP application.
Target Enumeration


97
Lab 13: Enumerate User Information
Exploit Data from Target Computer: USERINFO
Prerequisites:
NULL Session
Countermeasures:
Restrict Anonymous, host-based firewalls
Description:
The USERINFO application is designed to gather user information
from the target. Some of the information enumerated is the user
RID, privileges, login times, login dates, account expiration date, network
storage limitations, login hours, and much more. An attacker uses
this information in his or her social engineering phase of an attack.
Procedure:
Establish a NULL session (refer to Lab 8).
From a Disc Operating
System (DOS) prompt type the following syntax:
userinfo \\Target IP Address Target Username
*Note:
Notice the results returned with USERINFO are identical to the USERDUMP
application (see Lab 12). Both tools use the NetUserGetInfo API windows call.
98


Practical Hacking Techniques and Countermeasures
Lab 14: Enumerate User Information
Exploit User Information from Target: DUMPSEC
Prerequisites:
NULL Session
Countermeasures:
Restrict Anonymous, host-based firewalls
Description:
The DUMPSEC application is designed to gather the user
information from the target.


Pages:
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63