From: Frederic Charpentier (fcharpen@xmcopartners.com)
Date: Tue Jan 24 2006 - 11:19:45 EST
you can try the Softerra LDAP browser if the server allows anonymous
read access (which is often the case).
http://download.softerra.com/files/ldapbrowser26.msi
Fred
Uno Mille wrote:
> Hello,
> I need to perform a pentest on an 2003 Active Directory environment and I
> could not find a way to anonymously enumerate users, password policy and etc
> as we normally do in a NT environment.
> Any way of doing it through LDAP without any authentication ?
> Regards,
> Uno
-- Frederic Charpentier - Xmco Partners Security Consulting / Pentest web : http://www.xmcopartners.com/tests-intrusion.html ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:25 EDT