📄 ntsec.html
字号:
<b><Rockin_lad></b> yeah exactly<br>
<b><Cypher></b> DF, what is?<br>
<b><DigitalFallout></b> SE the admin<br>
<b><Cypher></b> oh, that... well, u'll be surprised (especially on large networks/companies)<br>
<b><Rockin_lad></b> so , you've got this ISP runing by NT so how can you log
in , or in another word break in , or cant you ?<br>
<b><DigitalFallout></b> True<br>
<b><Cypher></b> u can take a tour to the offices<br>
<b><DigitalFallout></b> it has happened<br>
<b><DigitalFallout></b> However it is easier to talk to IE, an intern<br>
<b><Cypher></b> stand in the middle and yell "hey! i forgot the system password
again, what is it?"<br>
<b><Rockin_lad></b> lol<br>
<b><Cypher></b> and u can hear a "the_password" response some times<br>
<b><Cypher></b> :)<br>
<b><snider></b> i know, im the guy that yells<br>
<b><Cypher></b> hehehe<br>
<b><DigitalFallout></b> Good one<br>
<b><Rockin_lad></b> Cypher , what gopher ?<br>
<b><Cypher></b> so, first thing - gather information! its more then 60% of the
deal<br>
<b><Cypher></b> gother?<br>
<b><Cypher></b> gather maybe?<br>
<b><snider></b> gopher is a 10 year old service<br>
<b><Rockin_lad></b> no Gopher<br>
<b><m0ded></b> yeah,,<br>
<b><snider></b> like a really old BBS<br>
<b><m0ded></b> poor gopher..<br>
<b><Rockin_lad></b> what does it do ?<br>
<b><Cypher></b> of, the Gopher service :)<br>
<b><Cypher></b> snider told already<br>
<b><Cypher></b> i don't believe anyone uses it anymore, though<br>
<b><Cypher></b> wait, i'll look up a formal definition :)<br>
<b><snider></b> me neither, poor thing<br>
<b><Rockin_lad></b> oh<br>
<font color="#ff0000">*** rek has joined #bsrf</font><br>
<b><rek></b> hey<br>
<b><Cypher></b> hi rek<br>
<b><_quato_></b> hey<br>
<b><TTT></b> hi, Rekaerf!<br>
<b><TTT></b> long time not seen!<br>
<b><_quato_></b> Cypher whats network latency<br>
<b><Rockin_lad></b> its when your analog dialup is fuck up <br>
<b><Rockin_lad></b> fucked up<br>
<b><Cypher></b> :)<br>
<b><Rockin_lad></b> like mine <br>
<b><Noon_Ghunna></b> Cypher! where are the nt passwd hashes are stored! if they
are in sam file, where can i find it in NT.<br>
<b><Cypher></b> its when the network is terribly late :)<br>
<b><Rockin_lad></b> regisrty<br>
<b><Cypher></b> Noon_Ghunna, in the SAM, in the registry, BUT<br>
<b><Cypher></b> u cannot access it cause NT locks it (atleast one smart thing
:))<br>
<b><Cypher></b> BUT (again)<br>
<b><Rockin_lad></b> check SECURITY while you're there too<br>
<font color="#ff0000">*** ZipIt has quit IRC (Ping timeout)</font><br>
<b><Cypher></b> u can access the SAM_ file, which is the backup file (made by
the admin, especially for you)<br>
<b><Cypher></b> it is not locked<br>
<b><Noon_Ghunna></b> hey is SAM a file or its some information in registery<br>
<b><Cypher></b> and located in the repair dir in winnt<br>
<b><Cypher></b> Noon_Ghunna, registry is a file<br>
<b><Cypher></b> of some sort<br>
<b><Cypher></b> anyhow, it is stored on the disk<br>
<b><Noon_Ghunna></b> never found the registry file in win98<br>
<b><Cypher></b> in the system32\config directory<br>
<b><m0ded></b> what SAM stands for?<br>
<b><Cypher></b> cause win98 sucZ :)<br>
<b><dr3x></b> Security Access Manager<br>
<b><DigitalFallout></b> run->REGEDIT<br>
<b><TTT></b> it is not a file<br>
<b><QX-Mat></b> ooh<br>
<b><Rockin_lad></b> Hive <br>
<b><Cypher></b> Security_A_M..... ;-) forgot<br>
<b><m0ded></b> <b><dr3x></b> Security Access Manager<br>
<b><QX-Mat></b> umm, can I say something NT user related?<br>
<font color="#ff0000">*** sanke has left #bsrf</font><br>
<b><TTT></b> the registry is based on many files<br>
<b><Cypher></b> right<br>
<b><Noon_Ghunna></b> i know regedit but isn't thee a file on which the registry
stores its backup! if there is one where in NT<br>
<b><Cypher></b> TTT, of course, but we were talking about the SAM (a part of
it)<br>
<b><TTT></b> oh, alright<br>
<b><Rockin_lad></b> USER.DAT SYSTEM.DAT mybee ?<br>
<b><QX-Mat></b> umm, can I say something NT user related?<br>
<b><Cypher></b> yes<br>
<b><Cypher></b> i thing<br>
<b><Cypher></b> QX-Mat, i think.....<br>
<b><QX-Mat></b> I've put a couple of NT CGI's up for you too gander at. None
of them are complete. But they demo remote user admin via perl.... http://www.q-m.net/outofsite/cgis/list.cgi<br>
<b><Cypher></b> Just Do It :)<br>
<b><Cypher></b> kewl<br>
<b><Cypher></b> so, if there are no more questions, i guess we can call it a
day/lecture :-)<br>
<b><DigitalFallout></b> Ummmm let me think<br>
<b><DigitalFallout></b> Did you go over print access?<br>
<b><m0ded></b> time for NT exploits and IIS?<br>
<b><Cypher></b> m0ded, right!<br>
<b><Noon_Ghunna></b> who will send me the log :|<br>
<b><m0ded></b> cool]<br>
<b><Rockin_lad></b> yes eys yeas<br>
<b><Slayer></b> yeah<br>
<b><Rockin_lad></b> ecploit<br>
<b><Cypher></b> DF, no :) (and not scanner access also :))<br>
<b><Rockin_lad></b> exploit rules <br>
<b><Cypher></b> i think its time for a brake<br>
<b><DigitalFallout></b> you might want to cover how to secire printers<br>
<b><Slayer></b> exploits and IIS<br>
<b><Cypher></b> Have a Brake have a KitKat :)<br>
<b><m0ded></b> hehe<br>
<b><Rockin_lad></b> okay <br>
<b><Slayer></b> pls<br>
<b><dr3x></b> when the next lecture?<br>
<b><Rockin_lad></b> let the man rest</p>
<p><b><Cypher></b> ========== 15 minutes brake ========= oki?</p>
<p><b><Cypher></b> shall we continue?<br>
<b><m0ded></b> yeah<br>
<b><aragorn></b> yes!<br>
<b><m0ded></b> END OF BREAK<br>
<b><m0ded></b> p;<br>
<b><m0ded></b> ;p<br>
<b><DigitalFallout></b> YOur call<br>
<b><Slayer></b> yes lets get toexploits and IIS pls<br>
<b><aragorn></b> right<br>
<b><m0ded></b> IIS the best part<br>
<b><The_Duke247></b> hmm<br>
<b><The_Duke247></b> is that the time already ?<br>
<b><m0ded></b> i was waiting for it<br>
<b><QX-Mat></b> It said it was avalible twice on signup, but then on the confirmation
email, it turned around! Kill BT!<br>
<b><Noon_Ghunna></b> Cypher! is ntfaq worth to download?<br>
<b><snider></b> duke: NT security lecure if you didnt know<br>
<b><The_Duke247></b> oh really ?<br>
<b><The_Duke247></b> errr ok then<br>
<b><The_Duke247></b> *shuts up*<br>
<b><Cypher></b> NTfaq? sure, y not<br>
<b><snider></b> hehe<br>
<b><DigitalFallout></b> Well unfortunatly I must depart. I'l have a gander at
the logs later<br>
<b><The_Duke247></b> can i comment on it or not ?<br>
<b><Cypher></b> later DF<br>
<b><DigitalFallout></b> Cya<br>
<b><QX-Mat></b> Oh, and if any of you didn't know, I survied my hostpital Op!<br>
<font color="#ff0000">*** DigitalFallout has left #bsrf</font><br>
<b><The_Duke247></b> cos i know quite a bit on NT, and proxy server hence...
ISAPI filters etc..<br>
<b><Cypher></b> QX-Mat, that's interesting, especially cause we're talking to
u<br>
<b><The_Duke247></b> so whos lecturing anyway ?<br>
<b><Cypher></b> The_Duke247, u can comment?<br>
<b><Cypher></b> we don't know...<br>
<font color="#ff0000">*** _quato_ has left #bsrf</font><br>
<font color="#ff0000">*** Cypher sets mode: +v The_Duke247</font><br>
<b><QX-Mat></b> The ISAPI is a little... ahem.... muddled.<br>
<b><m0ded></b> shut up<br>
<b><m0ded></b> Cypher start<br>
<b><aragorn></b> lets go<br>
<b><Cypher></b> that was: <b>[Cypher]</b> The_Duke247, u can comment!<br>
<b><The_Duke247></b> lol<br>
<b><Cypher></b> lets<br>
<font color="#ff0000">*** Rockin_lad has quit IRC (Ping timeout)</font><br>
<b><Cypher></b> so IIS, what is it, actually?<br>
<b><The_Duke247></b> don't have a mic my friend, thanks for privs anyway<br>
<b><m0ded></b> a webserver<br>
<b><The_Duke247></b> IIS ?<br>
<b><The_Duke247></b> Internet Information Server<br>
<b><m0ded></b> good boy<br>
<b><The_Duke247></b> packaged as part of Windows 2000<br>
<b><Cypher></b> good, i was waiting for someone to type that<br>
<b><The_Duke247></b> or the back office set<br>
<b><Cypher></b> :)<br>
<b><The_Duke247></b> IIS 4.0 with win2k<br>
<b><The_Duke247></b> IIS 5.0 released<br>
<b><m0ded></b> ok ok<br>
<b><The_Duke247></b> with various holes already found<br>
<b><Cypher></b> its the Microsoft Server pack<br>
<b><The_Duke247></b> :)<br>
<b><QX-Mat></b> TOTP is on....<br>
<b><The_Duke247></b> yep<br>
<b><Cypher></b> The_Duke247, we got it :)<br>
<b><snider></b> duke : you can comment, not just satrt talking on and on and
on and on<br>
<b><The_Duke247></b> lol<br>
<b><The_Duke247></b> ok then<br>
<b><snider></b> heh<br>
<b><Cypher></b> and as all microsoft products<br>
<b><m0ded></b> snider right<br>
<b><Cypher></b> IIS has bugs<br>
<b><QX-Mat></b> !!!!!!<br>
<b><m0ded></b> especially 4.0<br>
<b><Cypher></b> and bugs and bugs and bugs and bugs and bugs and bugs and bugs
and bugs<br>
<font color="#ff0000">*** syfilis84 has joined #bsrf<br>
<b><Cypher></b> and holes and holes and holes and holes</font><br>
<b><Cypher></b> well, u got the picture :)<br>
<font color="#ff0000">*** syfilis84 has left #bsrf</font><br>
<b><The_Duke247></b> *sticks hand in the air saying" me me me me me me"*<br>
<b><QX-Mat></b> :><br>
<b><Slayer></b> so how do u exploit them:9<br>
<b><Noon_Ghunna></b> ISS know for aspz!<br>
<b><Slayer></b> )<br>
<b><Cypher></b> Slayer, nah, we just look at them :)<br>
<b><blindman`s_vision></b> can someone tell me what this is?<br>
<b><blindman`s_vision></b> Apache/1.2.0 PHP/FI-2.0b11 on BSD/OS<br>
<b><Cypher></b> The_Duke247, what is it?<br>
<b><Slayer></b> arhh<br>
<b><m0ded></b> blindman we're in a lecture<br>
<b><The_Duke247></b> header from web server<br>
<font color="#ff0000">*** Cypher sets mode: +m</font><br>
<b><The_Duke247></b> HTTP 1.1<br>
<b><Cypher></b> sorry :)<br>
<b><The_Duke247></b> no cigar huh?<br>
<font color="#ff0000">*** Rockin_lad has joined #bsrf</font><br>
<b><Cypher></b> i'll -m it at the question part<br>
<b><m0ded></b> Cypher devoice The_Duke!<br>
<font color="#ff0000">#BSRF Cannot send to channel (channel is moderated, you do not have a voice)</font><br>
<b><Cypher></b> so, IIS is fuuulll of probs and bugs<br>
<b><Cypher></b> just waiting to be exploited<br>
<b><Cypher></b> by.... well... various ppl<br>
<b><The_Duke247></b> yep<br>
<b><Cypher></b> the 4.0 version had plenty of them (5.0 less)<br>
<b><Cypher></b> or better to say, not yet discovered ;-)<br>
<b><The_Duke247></b> because it hasn't been around as long you could say<br>
<b><The_Duke247></b> lol exactly<br>
<b><Cypher></b> many of the holes were in the /scripts directory<br>
<b><Cypher></b> it would give u to execute stuff<br>
<font color="#ff0000">*** rattle_and_hum has joined #bsrf</font><br>
<b><Cypher></b> for example<br>
<b><Cypher></b> the *.bat is assosiated with the cmd.exe application<br>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -