Javier's Blog

Mostly computers and other tech stuff,...

Thursday, June 19, 2008

Sysadmin Notes

Ping sweep of a subnet:
# nmap -sP

Get a list of users on Windows:
> net use \\x.x.x.x\ipc$ "" /USER:""
> net users

What is the password policy:
> net accounts

Recover a lost password:
> enum -u Administrator -f c:\dict.txt -D x.x.x.x

Logon remotely:
> psexec \\x.x.x.x -u Administrator cmd.exe

Transfer a file with netcat:
$ nc -l -p 6969 > file.txt
$ nc somehost 6969 < file.txt

Listen for passwords flying on the subnet:
# sudo dsniff

Reset the root password on an old server:
$ sshnuke -rootpw-"Z1ON0101"

Makeshift remote desktop:

From server:

You will enter a password, and the server will start running on port 6000 or so.

From client:

