
Thread: [Script][Video] - Using McGrew Security's

  1. #1
    Join Date
    Jan 2010

    Default [Script][Video] - Using McGrew Security's

    For those who aren't aware, NetBIOS as used in Windows(tm) brand OSes, at least through XP Service Pack 3, has a multi-step name resolution process. If a particular name is not found via DNS lookup, the system will query the local subnet's NetBIOS for a match. As such, if we have access to an interface on the local subnet (via source routing or a GRE tunnel) we can potentially redirect misspelled names to ourselves (or non-existent names, in some cases).

    Note: This type of attack is not exactly unique to Windows. Under Linux, the nsswitch.conf file can be configured to query all sorts of directory services to locate machines. While the video doesn't demonstrate "poisoning" a Linux client, a system with a configuration to query the local subnet for a name could also be created. See the /etc/nsswitch.conf man pages, and Google pages.

    First, the script ( which can be downloaded at ) is a simple Python + Scapy script to watch for NetBIOS name query traffic on an interface; if the name matches the supplied regex, the script simply generates a response.

    EDIT: Re-introducing the video once I clean it up - realized I had some personal stuff on the Desktop.
    Last edited by orgcandman; 08-04-2010 at 06:46 PM.
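
A defender's view of the traffic described in the post above, as an added example that is not part of the original thread or of the script it mentions: a pure-Python parser for NetBIOS name service (UDP/137) payloads that flags any source answering name queries for several distinct names. The threshold, the helper names and the sample packets (documentation addresses in 192.0.2.0/24) are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

def encode_name(name, suffix=0x00):
    """RFC 1002 first-level encoding: 15 padded chars + suffix, one letter per nibble."""
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix])
    body = bytes(0x41 + n for b in raw for n in (b >> 4, b & 0x0F))
    return b"\x20" + body + b"\x00"

def decode_name(buf, off=0):
    """Inverse of encode_name; returns (name, offset just past the name)."""
    enc = buf[off + 1:off + 33]
    if len(enc) != 32 or buf[off] != 0x20 or any(not 0x41 <= c <= 0x50 for c in enc):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].decode("ascii", "replace").rstrip(), off + 34

def parse_nbns(payload):
    """Parse the 12-byte header and the first name of a UDP/137 payload."""
    if len(payload) < 12 + 34:
        raise ValueError("truncated NBNS message")
    txid, flags = struct.unpack("!HH", payload[:4])
    name, _ = decode_name(payload, 12)
    return {"txid": txid, "response": bool(flags & 0x8000), "rcode": flags & 0x0F, "name": name}

def suspicious_responders(events, threshold=3):
    """Map src_ip -> names for sources that positively answered >= threshold distinct names."""
    answered = defaultdict(set)
    for src, payload in events:
        try:
            msg = parse_nbns(payload)
        except ValueError:
            continue  # ignore malformed or non-NBNS traffic
        if msg["response"] and msg["rcode"] == 0:
            answered[src].add(msg["name"])
    return {ip: sorted(names) for ip, names in answered.items() if len(names) >= threshold}

def _query(txid, name):  # constructed sample: broadcast name query (flags RD + B)
    return struct.pack("!6H", txid, 0x0110, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", 0x20, 1)
def _response(txid, name, ip):  # constructed sample: positive name query response
    return (struct.pack("!6H", txid, 0x8500, 0, 1, 0, 0) + encode_name(name)
            + struct.pack("!HHIHH", 0x20, 1, 300, 6, 0) + bytes(map(int, ip.split("."))))

SAMPLE = [  # constructed capture: one host answers only for itself, another for every typo
    ("192.0.2.20", _query(1, "FILESRV")), ("192.0.2.10", _response(1, "FILESRV", "192.0.2.10")),
    ("192.0.2.20", _query(2, "FILESRVV")), ("192.0.2.66", _response(2, "FILESRVV", "192.0.2.66")),
    ("192.0.2.21", _query(3, "PRINTRR")), ("192.0.2.66", _response(3, "PRINTRR", "192.0.2.66")),
    ("192.0.2.22", _query(4, "WPADD")), ("192.0.2.66", _response(4, "WPADD", "192.0.2.66")),
]
```

A host that legitimately owns a name answers only for that name and its service suffixes, so a single source answering for many unrelated or misspelled names is the pattern worth alerting on.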

  2. #2
    Just burned his ISO
    Join Date
    Jul 2010

    Default Re: [Script][Video] - Using McGrew Security's

    Quick! Repost the video! I'm really interested to see how this is done.

  3. #3
    Just burned his ISO
    Join Date
    Nov 2010

    Default Re: [Script][Video] - Using McGrew Security's


  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010

    Default Re: [Script][Video] - Using McGrew Security's

    I don't see a video and it appears the first post was edited quite some time ago.
