From: Paris E. Stone (pstone@alhurra.com)
Date: Tue Aug 24 2004 - 11:21:11 EDT
The files you would need to get at are on the SYS volume, under a hidden
folder, _netware.sys or something like that (It has been a long time,
forgive me) and in versions 5.0 and below, the only way to get at them
was to load up a program on the server console (Physical access) and
then view this directory via a command shell that you launched.
Or using the backup NDS tool built in to get a backup.ds file, but I am
not exactly sure about how successful this is.
As of version 5.1 and above( I believe, again, it has been a while)
there is no mechanism to get at this directory in any way that I am
aware of.
Previous versions, use the shell tools, copy the files to another
directory, then use Simple Nomad's Pandora to brute force the passwords.
http://www.nmrc.org/project/pandora/
~~~~~
Paris E. Stone, "Linux Zealot"
CISSP, CCNP, CNE, MCSE, CIW Master Administrator
~~~~~
"Not all who wander are lost."
J.R.R.T.
-----Original Message-----
From: IndianZ [mailto:indianz@indianz.ch]
Sent: Saturday, August 21, 2004 6:02 PM
To: pen-test@securityfocus.com
Subject: Re: Novell Netware 4 or higher password cracker
Have a look at NMRC's Pandora:
http://www.nmrc.org/project/pandora/index.html
GreetZ from IndianZ
mailto:indianz@indianz.ch
http://www.indianz.ch
On Friday 20 August 2004 21.17, Warren Camp wrote:
> Does anyone know of a good free or commerical Novell Netware 4.0 or
> greater password cracker to test for weak passwords.
>
>
------------------------------------------------------------------------
-
>----- Ethical Hacking at the InfoSec Institute. All of our class sizes
are
> guaranteed to be 12 students or less to facilitate one-on-one
interaction
> with one of our expert instructors. Check out our Advanced Hacking
> course, learn to write exploits and attack security infrastructure.
> Attend a course taught by an expert instructor with years of
in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills of an Ethical Hacker to better assess the security of your
> organization.
>
> http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
>
------------------------------------------------------------------------
-
>------
------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hacking
course,
learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
------------------------------------------------------------------------
-------
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:00 EDT