The Security Accounts Manager (SAM) can store password hashes in LANMAN and/or NTLM format. LANMAN hashes make brute-force attacks on passwords easy if the SAM is retrieved.
The registry setting to look for is under "HKLM\System\CurrentControlSet\Control\LSA": the value "LMCompatibilityLevel", which has an acceptable range of 0-5. 0 is usually the default, which means all hashing is acceptable. You should really set it to 4 or 5. Microsoft discusses this on their support site.
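A way to check the setting described above on a local host, as an added example that is not part of the original post. The function name `Test-LmCompatibilityLevel` and its `-MinimumLevel` and `-Fix` parameters are hypothetical; the registry path and value name are the ones given above.

```powershell
# Added example: audit (and optionally raise) LMCompatibilityLevel locally.
# Function and parameter names are hypothetical, chosen for illustration.
function Test-LmCompatibilityLevel {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [ValidateRange(0, 5)][int]$MinimumLevel = 4,
        [switch]$Fix
    )

    $path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $name = 'LmCompatibilityLevel'
    # Meaning of each level, indexed 0-5.
    $meaning = @(
        'Send LM and NTLM responses',
        'Send LM and NTLM; use NTLMv2 session security if negotiated',
        'Send NTLM response only',
        'Send NTLMv2 response only',
        'Send NTLMv2 response only; refuse LM',
        'Send NTLMv2 response only; refuse LM and NTLM'
    )

    # The value may be absent, in which case the OS default applies.
    $prop  = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
    $level = if ($null -ne $prop) { [int]$prop.$name } else { $null }

    $compliant = ($null -ne $level) -and ($level -ge $MinimumLevel)
    if (-not $compliant -and $Fix -and
        $PSCmdlet.ShouldProcess("$path\$name", "Set to $MinimumLevel")) {
        # Writing under HKLM requires an elevated session.
        Set-ItemProperty -Path $path -Name $name -Value $MinimumLevel -Type DWord
        $level     = $MinimumLevel
        $compliant = $true
    }

    $text = if ($null -ne $level) { $meaning[$level] } else { 'Not set (OS default applies)' }
    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Level     = $level
        Meaning   = $text
        Compliant = $compliant
    }
}

Test-LmCompatibilityLevel                 # report only
# Test-LmCompatibilityLevel -Fix -WhatIf  # preview the change without writing
```

If the "Network security: LAN Manager authentication level" Group Policy setting is applied to the host, it will overwrite a local change to this value, so make the change in policy in that case.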
More useful links include: arp-scan, an introduction to steganography, XSS in the Cisco IronPort and how to look up reverse zones for IP addresses in DNS.
The well-known SMB vulnerability MS09-001 does have PoC exploits, but they only crash the system concerned, as best demonstrated by 4xunderground.