Pages: [1]

Author Topic: Suggestions  (Read 588 times)

0 Members and 1 Guest are viewing this topic.

KingCasra

  • Guest
Suggestions
« on: November 16, 2014, 07:18:15 pm »
Hi, I'm currently doing an audit where I need to access a certain users filesystem. The way it is structured is There is a regional admin, Then a local admin, Supervisors and standard users in order of privileges. I have access to a Standard user Account, I am however able to access files a standard user couldn't by manipulating a bug in the security I found. They run the Novell client. Each user has their own drive on said network for example (23344aaa-Smry-Insertroom#here). I was thinking if I could ssh to the main server I could possible access the filesystem of said user in that manner. Does anybody have any alternate suggestions or comments? I will test this on monday.
Report to moderator   Logged

Offline Comm4nd0

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -1
    • View Profile
Re: Suggestions
« Reply #1 on: November 17, 2014, 04:39:00 pm »
To be honest (i know i'm new here) you're going to have to give a lot more detail than that. With regards to what systems are being used. How you're currently connected in.

To be honest it sounds like you're a standard user on a system and you want to access another standard users personal network drive. To my knowledge this can't be done without a domain admin password providing the security has been setup properly.

What you can try is, find out the name of the server that hosts the personal drives, then c$ to it. e.g \\Fileserver001\c$
This will take you to the root of the C:\ drive. Chances are the folder aren't hosted on the c drive so you might need to change the letter. might just have to go through them all to find it. Also, if you gain access it will only be because the securty hasn't been set up correctly. You WILL most likely need a domain admin username and password.

Hope this helps!
Report to moderator   Logged

KingCasra

  • Guest
Re: Suggestions
« Reply #2 on: November 20, 2014, 11:25:26 pm »
Yes I knew I needed the Domain admins logins. I was hoping for a Novell exploit that would elevate my privileges however, can't find one.
Report to moderator   Logged

Offline Comm4nd0

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -1
    • View Profile
Re: Suggestions
« Reply #3 on: November 24, 2014, 05:53:46 pm »
What about if you were to get one of the IT techs to login as a domain admin to fix something, if they haven't already. Then if you can, install Cain and Able which will read the SAM and get their credentials.

Might be worth a shot.
Report to moderator   Logged

KingCasra

  • Guest
Re: Suggestions
« Reply #4 on: December 01, 2014, 01:35:38 am »
Not a bad Idea I will def try it.
Report to moderator   Logged
Pages: [1]