This presentation will demonstrate how Windows NT hosts can be queried for information and how that information can be correlated to provide an attacker with a path of least resistance. Even though many Windows NT networks have few remotely exploitable technical vulnerabilities (buffer overruns, flawed CGI scripts, address-based authentication, etc.), most NT networks give away too much information. By analyzing that information, it is easy to find policy weaknesses that can be exploited to gain access to the NT hosts. Custom tools will be demonstrated on a small network.