Announcement

Collapse
No announcement yet.

how to access admin$ shares

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #1

    how to access admin$ shares

    just for knowledge purposes, how is it possible to access admin$ share in a remote pc, when it asks for authentication. have used nat, and it shows access gained with different combinations of user/pass. but if the unc \\ipadd is executed from run it asks for user/pass, and if from all the user/pass nat showed working are given then access is not granted,now wat that means, nmap shows the 139 nb session is open. pls note that this is not an attempt to hack/crack the box, i m a sys admin, so to be more security conscious, cops need to learn wat they r protecting from and no offence meant this forum is surely security based.
    helpful replies will be appreciated.

    thx,
    hope to ask further and get aid.
    Tags: None
  • #2
    Stop, take a deep breath, and then retype the entire request in English, if you would.

    As I understand it, you attempt to access an administrator share from offsite through a firewall and your credentials fail. Is that correct?

    Comment

    • #3
      Originally posted by spiker
      just for knowledge purposes, how is it possible to access admin$ share in a remote pc, when it asks for authentication.
      By entering the correct username and password when prompted.

      have used nat, and it shows access gained with different combinations of user/pass.
      That makes no sense. NAT is a function of networking and has nothing to do with NetBIOS authentication.

      but if the unc \\ipadd is executed from run it asks for user/pass,
      Which is exactly what it should do.

      and if from all the user/pass nat showed working are given then access is not granted,now wat that means, nmap shows the 139 nb session is open.
      I think you may be misunderstanding what NAT is for, or using an acronym that has more than one meaning depending on context.

      Comment

      • #4
        Did you type domainname\username on the first line? Sometimes just the username won't cut it.

        Comment

        • #5
          had a nice exhileration

          Originally posted by Voltage Spike
          Stop, take a deep breath, and then retype the entire request in English, if you would.

          As I understand it, you attempt to access an administrator share from offsite through a firewall and your credentials fail. Is that correct?

          Exhilerated and now here goes, yes, my friend, I m attempting to access an adminstrator share in a LAN which I m not able to do without authentication. Now how do I go about it.

          thanks

          Comment

          • #6
            admin$ shares

            Originally posted by astcell
            Did you type domainname\username on the first line? Sometimes just the username won't cut it.

            When u say domainname does it mean the netbios name of the PC that I want access to?

            That means in the user name field "DOMAINNAME\USERNAME" should be given?

            Please correct me if I m wrong.

            Thanks

            Comment

            • #7
              reply

              Originally posted by skroo
              By entering the correct username and password when prompted.



              That makes no sense. NAT is a function of networking and has nothing to do with NetBIOS authentication.



              Which is exactly what it should do.



              I think you may be misunderstanding what NAT is for, or using an acronym that has more than one meaning depending on context.



              By NAT I mean the tool NETBIOS AUDITING TOOL by Andrew Tidgell and not Network Address Translation.

              In other words how do u access an administrator share of another PC in a LAN if the other PC does not have any passwords and only the default users like administrator, guest etc. are created which are anyway created after installation of the OS. When authenticating if in the username field administrator is specified and password is given blank then it does not login. What's wrong, is there a way or I m going wrong somewhere.

              thanks

              Comment

              • #8
                Originally posted by spiker
                Exhilerated and now here goes, yes, my friend, I m attempting to access an adminstrator share in a LAN which I m not able to do without authentication. Now how do I go about it.
                Well you may want to start by reading this: Rules

                This will come in great use to you, seeing as how you want to gain access to something you do not have permission to access.
                "It is difficult not to wonder whether that combination of elements which produces a machine for labor does not create also a soul of sorts, a dull resentful metallic will, which can rebel at times". Pearl S. Buck

                Comment

                • #9
                  Originally posted by spiker
                  By NAT I mean the tool NETBIOS AUDITING TOOL by Andrew Tidgell and not Network Address Translation.

                  In other words how do u access an administrator share of another PC in a LAN if the other PC does not have any passwords and only the default users like administrator, guest etc. are created which are anyway created after installation of the OS. When authenticating if in the username field administrator is specified and password is given blank then it does not login. What's wrong, is there a way or I m going wrong somewhere.

                  thanks
                  It is called basic security. What good would the damn thing be if it allowed anyone to attach to the admin shares?! The admin shares are just that.. shares for admins. If you are not an admin, or do not know the username/pass for an admin user, forget it. Now.. unless your own box or a box you have permission to attack, I would say leave it at that and don't fuck with it. If it is, there are tools out there that will try to bruteforce the admin password to the share, or you can write your own. Just remember.. if it is not your box, that aproach will make lots of noise and you will be (deservingly) caught.
                  Happiness is a belt-fed weapon.

                  Comment

                  • #10
                    Originally posted by spiker
                    When u say domainname does it mean the netbios name of the PC that I want access to?
                    That means in the user name field "DOMAINNAME\USERNAME" should be given?
                    Please correct me if I m wrong.
                    Thanks
                    You are right. If you are mickeymouse@disneyland.com on that box then you would connect by typing disneyland\mickeymouse.

                    If you are trying to connect to the Disneyworld machine, you would either need a logon on that machine, or have a trusted share to that domain.

                    Comment

                    • #11
                      Originally posted by astcell
                      If you are trying to connect to the Disneyworld machine, you would either need a logon on that machine, or have a trusted share to that domain.
                      I hear that EuroDisney gets less traffic than those other two domains. Their security probably isn't as up-to-date, and you may be able to get an account simply by asking nicely.

                      Comment

                      • #12
                        that, and, as Im sure you know, on newer systems, (most anything after NT4 if I recall), security policies are in place by default to not allow connections on password-less admin accounts and such, especially towards netbios shares.

                        if it's your lan, and you set up the users/passwords on that box, or on that domain
                        if that be the case, and the routing/domains/workgroups are setup right, AND the credentials you are using have the right permissions to even access the share after authentication, you shouldnt have a problem.
                        .:. Adrenaline .:.

                        Comment

                        • #13
                          Originally posted by Adrenaline
                          that, and, as Im sure you know, on newer systems, (most anything after NT4 if I recall), security policies are in place by default to not allow connections on password-less admin accounts and such, especially towards netbios shares.

                          if it's your lan, and you set up the users/passwords on that box, or on that domain
                          if that be the case, and the routing/domains/workgroups are setup right, AND the credentials you are using have the right permissions to even access the share after authentication, you shouldnt have a problem.


                          That means on a password less admin account, netbios access is possible only after authentication, that is, giving a username and password only after first defining policies on the computer to which the admin$ access is needed.

                          But on a password less PC, if access is wanted and it asks for authentication then what does it mean, in the true sense of meaning. I think I m getting confused.

                          Please elaborate.

                          Thanks.

                          Comment

                          • #14
                            Clarify

                            Originally posted by che
                            It is called basic security. What good would the damn thing be if it allowed anyone to attach to the admin shares?! The admin shares are just that.. shares for admins. If you are not an admin, or do not know the username/pass for an admin user, forget it. Now.. unless your own box or a box you have permission to attack, I would say leave it at that and don't fuck with it. If it is, there are tools out there that will try to bruteforce the admin password to the share, or you can write your own. Just remember.. if it is not your box, that aproach will make lots of noise and you will be (deservingly) caught.

                            But if on the remote PC on the LAN, no account is created and the default accounts are present, then what is the reason one is not able to access the other PC only by giving administrator as user name and password blank. I mean what do you mean when you say username/pass for an admin user, when no such users are created and only the default users are generated upon installation of the OS, on the remote PC in the LAN.

                            Comment

                            • #15
                              Originally posted by lil_freak
                              Well you may want to start by reading this: Rules

                              This will come in great use to you, seeing as how you want to gain access to something you do not have permission to access.


                              My dear friend, I know the rules, but surely you understand that this is just a knowledge based query, and I have clearly specified that this is not an attempt to hack or crack a remote box, and yes I m accessing a share to which I do not have permission technically speaking and my question is whether one can authenticate through netbios sessions and gain access.

                              In short this is just an attempt to understand an exploit.

                              Comment

                              Previous 1 2 3 template Next
                              Working...
                              X