Page 3 of 5 FirstFirst 12345 LastLast
Results 21 to 30 of 45

Thread: remotely connecting to c$ share

  1. #21
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    8

    Default

    Quote Originally Posted by pureh@te View Post
    Please don't be offended however some basic linux knowledge would go a long way in understanding what you are asking. I think streakers point is that if you are asking this type of question you should probably not be running "tests" or "demos" on a working network. My suggestion is set your self up a virtual lab and then follow one of the many tutorials on the net regarding how to access shared documents. Then when you gain a little more understanding and have some specific questions we would be glad to help. Please stick around till then and get to know backtrack in your virtual enviorment. A tool like BT can do a lot of harm to a system if used improperly
    Thanks for this post. I'm not a linux person most if not all of my history is in windows platform. I was asking this question from that perspective not linux. I applogize if I mistyped but all my work is done on my home lab/network not on any live network yet. I have friends and associates that want me to but I want to make sure I'm clear on what is exposed. As to the specific question part I though my question was very specific and I'm finding no one that can tell me how to remotely map to the c$ share of a windows xp workstation. kind of funny as that is a default share for admin use I would figure it to be a prime target.

    I am sticking in there dispite the heckles and puns on the business name my skin is thicker than that thanks again

  2. #22
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    8

    Default

    Quote Originally Posted by .lonewolf View Post
    Don't take it personally... You are welcome here. Some people just have a unique sense of humor. I don't think it is intended to harm. Peace bro
    thanks for the support. one of the links was helpful on the windows side. still looking to confirm if there is a way into the c$ share but my bet is on no.

  3. #23
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    23

    Default

    Quote Originally Posted by streaker69 View Post
    So you're basically advocating he sniff someone else's traffic without their permission?
    I just find the satellite dish video so ironic and funny. In my country it is okey to do passive scanning. I believe he has a lot too learn before opening a company. It wood bee interesting to hear from people that work with IT-security what they consider the minimum knowlegs base is and what they do at work. In this forum we are focused on the technical part however social engineering and trust in employees seems to bee a bigger problem.

    When will this question pop up on this forum. I have now make an secure proxy works okey but the boss on the company hates me and the pepole too. They can only work. Irc, skype and all funny stuff dont work. How do I handle the peoples frustration and how do I ask them for money now?

  4. #24
    Senior Member
    Join Date
    Feb 2008
    Posts
    681

    Default

    Quote Originally Posted by hguten View Post
    thanks for the support. one of the links was helpful on the windows side. still looking to confirm if there is a way into the c$ share but my bet is on no.
    If you're seriously considering pentesting then the ideal platform would undoubtedly be BackTrack. That function is what it was specifically designed for.

    If you're hoping to use Windows you're going to be seriously limited in terms of effectiveness.

    This would obviously mean you'd have to learn Linux commands as most of the important tools are command line driven.

    Learning the Linux GUI is one thing but learning the Command Line takes a lot of reading, research and practice in order to become comfortable and proficient with.

    By your own admission you say you don't know Linux so how interested are you in learning advanced Linux or maybe not.

    This is a Backtrack Support Forum so I don't think anyone is going to indulge in Windows pentesting techniques, unfortunately.
    [FONT=Courier New][SIZE=2][FONT=Courier New]hehe...
    [/FONT][/SIZE][/FONT]

  5. #25
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by hguten View Post
    to answer your question go to gotgrit.com I'm not allowed to post the URL
    So basically, iron oxide or jeweler's rouge.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  6. #26
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default

    hehehe I knew this post would get some attention

  7. #27
    Junior Member
    Join Date
    Jan 2010
    Posts
    66

    Default

    Quote Originally Posted by hguten View Post
    WOW!!! for security experts you all jump to conclusion quickly. Because I asked how to remotely connect to the C$ share of an XP workstation I'm classifed as not knowing the basics.

    Funny how no one can give the answer to this question and are more focused on why someone should not take a step forward in their understanding.
    It's not that they can't. It's that they won't. You first have to demonstrate that you have done significant research into into the topic. The forums does not give handouts nor does it spoonfeed. While it may not be entirely true, you're original post lacks the merit of serious research.

    Quote Originally Posted by hguten View Post
    I think I should be the one worrying about what happens to my customer and myself if I deem an infrastructure secure and it is not.
    You mention Doctors not wanting to know about security. While they may not be concerned with the fine details. Rest assured that security is the utmost importance. In the United States all medical related (Doctors, Hospitals, Insurance companies, etc) are all required to be HIPAA compliant. I won't even begin to get into what would happen with failed implementations of a security model.

    Quote Originally Posted by hguten View Post
    to answer your question go to gotgrit.com I'm not allowed to post the URL

    check that site it gives a definition of Black Rouge.
    Well, that's nice but 99% of you clientale will think that you spelled it wrong. It'll get old after you've explained it th 100th to someone why you spelled it that way. Cute doesn't win you contracts.

  8. #28
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    23

    Default

    Try out to change password for admin windows xp use force guest when admin has blank password.

    Also try out smbbf enum and dumpsec and let me know
    how it turned out.

    /capron

  9. #29
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Originally Posted by hguten View Post
    WOW!!! for security experts you all jump to conclusion quickly.
    If you have a visit to the idiot's corner of this forums you will see that it is chocked full of the same types of questions over and over again.
    Someone posing as a security guy but can't for the life of themselves figure out how to connect to a wireless ap in backtrack or find the nmap command line. Not saying that you are one of those people but hey you are up against a ton of itards that have come before you.
    Funny how no one can give the answer to this question and are more focused on why someone should not take a step forward in their understanding.
    Also once you have had a laugh or two from the idiot's corner section then have a look at the tutorials and guides section as well as the pentest sections here. Alot of questions you may have are already covered here on this forum. If it is security related and it is not here then google will have it.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  10. #30
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by hguten View Post
    It is ashame you feel that way it sounds like you could be a geat value add to the SMB sector. I have many friends with small business that dont really know how to make there networks more secure. They dont have $$$ to make it bullet proof but they are Dr and Lawyers and tradesmen and dont want to deal with computer anymore then they have to.

    Because I asked this question doesn't mean I'm completely ignorant and my years in IT should not be in question here. I have done much reseach on how to connect to the C$ share and I was seeing if this forum knew more than I. what I have come to know is that XP will only allow guest to connect to C$ remotely it is a flaw in the OS that I have come to read about. I thought by chance I might have missed something. I always consider myself a newbie because I havent hacked much.
    1) If the posts here are an example of your professionalism and knowledge I would not hire you.
    2) Doctors and lawyers can't afford secure networks?
    WOW!!! for security experts you all jump to conclusion quickly.
    Indeed.
    Because I asked how to remotely connect to the C$ share of an XP workstation I'm classifed as not knowing the basics.
    Yup.

    Funny how no one can give the answer to this question and are more focused on why someone should not take a step forward in their understanding.
    No one has answered the question because they're overwhelmed by the stupidity of the thread. However since you're harping on the topic try:
    Code:
    M:\>net use ?
    The syntax of this command is:
    
    
    NET USE
    [devicename | *] [\\computername\sharename[\volume] [password | *]]
            [/USER:[domainname\]username]
            [/USER:[dotted domain name\]username]
            [/USER:[username@dotted domain name]
            [/SMARTCARD]
            [/SAVECRED]
            [[/DELETE] | [/PERSISTENT:{YES | NO}]]
    
    NET USE {devicename | *} [password | *] /HOME
    
    NET USE [/PERSISTENT:{YES | NO}]
    or
    Code:
    \\computername\C$
    from Start:Run.

    Yes I know you said you tried net use but obviously you did something wrong if you provided admin credentials and still only got "guest" access.

    You could also try Share Enumerator from Microsoft, and any number of tools included with BT.

    I think I should be the one worrying about what happens to my customer and myself if I deem an infrastructure secure and it is not.
    Well you got that much right.
    As to the specific question part I though my question was very specific
    You thought wrong. Though I provided a few examples earlier, I made certain assumptions because you didn't provide the details in your question. By "remote" do you mean over the internet? On a local network where you're a member of the domain/workgroup? On a local network where you are NOT a member of the domain/network? You also haven't established what type of access you're looking for. It may be simple to enumerate shares on a system but you may then only be able to connect with read permissions. You might get write if you're lucky, or may only get write on a subset of directories. You also didn't cover whether or not you have credentials for the system/domain/workgroup. So where was your "very specific" question?
    While Windows XP uses insecure settings for somethings (including anonymous enumeration of shares and users) there are solutions/workarounds to all of them.

    Good luck with "Sandpaper Technologies"!
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Page 3 of 5 FirstFirst 12345 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •