Hello,
if they're using WINS, send a NetBIOS name
request for the username, netbios service 03
(i.e. messenger service) to the WINS server.
It will respond with the IP of the host registered
to the user's workstation.
--------------------------------------------
Mike Sues, GCIH
CEO & Ethical Hack Specialist
Rigel Kent Security & Advisory Services Inc
http://www.rigelksecurity.com
voice:613.233.HACK
fax :613.233.1788
toll
free :1.877.777.H8CK
--------------------------------------------
-----Original Message-----
From: offset [mailto:offset@ubersecurity.org]
Sent: Wednesday, August 30, 2006 1:34 AM
To: pen-test@securityfocus.com
Subject: locate windows workstation if you know the username
Greetings fellow pen-testers,
Looking for ideas on tracking down a windows workstation if you know the
username.
I know that if I run net send username "" I can tell that the user
is online without the message box popping up on their machine (usually), but
I'd like to know which workstation a particular user is at for a targeted
arp spoofing attack against a client.
-off
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
