Re: Active Directory user enumeration

I'm fairly certain that by default AD does not allow anonymous browsing
below the root level of the directory.  Only authenticated users can browse
beyond the root.

Matt

----- Original Message -----
From: "Robert Petrunic" <robert@petrunic.com>
To: "Sam Evans" <wintrmte@gmail.com>; "ilaiy" <ilaiy.e@gmail.com>
Cc: "Frederic Charpentier" <fcharpen@xmcopartners.com>;
<pen-test@securityfocus.com>; "Uno Mille" <umil@hotmail.com>
Sent: Friday, January 27, 2006 3:40 AM
Subject: Re: Active Directory user enumeration


> Try with Cain&Abel.
> If administrator disabled anonymous user enumeration trough group policy
you
> can't do it.
>
> Robert
>
> ----- Original Message -----
> From: "Sam Evans" <wintrmte@gmail.com>
> To: "ilaiy" <ilaiy.e@gmail.com>
> Cc: "Frederic Charpentier" <fcharpen@xmcopartners.com>;
> <pen-test@securityfocus.com>; "Uno Mille" <umil@hotmail.com>
> Sent: Friday, January 27, 2006 6:50 AM
> Subject: Re: Active Directory user enumeration
>
>
> I'm not sure there is a way to enumerate AD through LDAP without
> having to authenticate first.  I have not tried it, but I am guessing
> that Anonymous Bind is turned off by default (man, now I'm kinda
> paranoid, I'll have to check!)
>
> -Sam
>
>
> On 1/26/06, ilaiy <ilaiy.e@gmail.com> wrote:
> > Try this one for linux
> >
> > http://www-unix.mcs.anl.gov/~gawor/ldap/
> >
> > ./thanks
> > ilaiy
> >
> > On 1/24/06, Frederic Charpentier <fcharpen@xmcopartners.com> wrote:
> > > you can try the Softerra LDAP browser if the server allows anonymous
> > > read access (which is often the case).
> > >
> > > http://download.softerra.com/files/ldapbrowser26.msi
> > >
> > > Fred
> > >
> > > Uno Mille wrote:
> > > > Hello,
> > > > I need to perform a pentest on an 2003 Active Directory environment
> > > > and I
> > > > could not find a way to anonymously enumerate users, password policy
> > > > and etc
> > > > as we normally do in a NT environment.
> > > > Any way of doing it through LDAP without any authentication ?
> > > > Regards,
> > > > Uno
> > >
> > > --
> > > Frederic Charpentier - Xmco Partners
> > > Security Consulting / Pentest
> > > web  : http://www.xmcopartners.com/tests-intrusion.html
> --------------------------------------------------------------------------
----
> > > Audit your website security with Acunetix Web Vulnerability Scanner:
> > >
> > > Hackers are concentrating their efforts on attacking applications on
> > > your
> > > website. Up to 75% of cyber attacks are launched on shopping carts,
> > > forms,
> > > login pages, dynamic content etc. Firewalls, SSL and locked-down
servers
> > > are
> > > futile against web application hacking. Check your website for
> > > vulnerabilities
> > > to SQL injection, Cross site scripting and other web attacks before
> > > hackers do!
> > > Download Trial at:
> > >
> > > http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
-----
> > >
>
> --------------------------------------------------------------------------
----
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on
your
> > website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
> > login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> > are
> > futile against web application hacking. Check your website for
> > vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before
> > hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
>
> --------------------------------------------------------------------------
-----
> >
>
> --------------------------------------------------------------------------
----
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
hackers
> do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
-----
> --------------------------------------------------------------------------
----
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
> futile against web application hacking. Check your website for
vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
-----
>



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------