Network Security: Detailed info on Re[2]: locate windows workstation if you know the username

Subject:	Re[2]: locate windows workstation if you know the username
Date:	Thu, 31 Aug 2006 13:53:08 -0500 (CDT)

on Unix nbtscan/nbtstat will do something like this.  It dumps the machine
name, username, domain/workgroup and MAC address.  I used to run it daily
and archive the output to see where users normaly logon.  The one I used
was written in C.  I had to add an alarm to it so it would timeout for
host not responding.

-Jason Ellison

On Thu, 31 Aug 2006, Matthew Leeds wrote:

For the terminally lazy, you might Google TCPNetView. This GUI utility will 
give you both the IP address and MAC address.

----------
---Matthew
*********** REPLY SEPARATOR  ***********

On 8/30/2006 at 1:05 PM Mike Sues wrote:

Hello,

if they're using WINS, send a NetBIOS name
request for the username, netbios service 03
(i.e. messenger service) to the WINS server.
It will respond with the IP of the host registered
to the user's workstation.

--------------------------------------------
Mike Sues, GCIH
CEO & Ethical Hack Specialist
Rigel Kent Security & Advisory Services Inc
http://www.rigelksecurity.com
voice:613.233.HACK
fax  :613.233.1788
toll
free :1.877.777.H8CK
--------------------------------------------


-----Original Message-----
From: offset [mailto:offset@ubersecurity.org]
Sent: Wednesday, August 30, 2006 1:34 AM
To: pen-test@securityfocus.com
Subject: locate windows workstation if you know the username


Greetings fellow pen-testers,

Looking for ideas on tracking down a windows workstation if you know the
username.

I know that if I run     net send username ""     I can tell that the user
is online without the message box popping up on their machine (usually),
but
I'd like to know which workstation a particular user is at for a targeted
arp spoofing attack against a client.

-off

------------------------------------------------------------------------




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
locate windows workstation if you know the username, offset RE: locate windows workstation if you know the username, Mike Sues Re[2]: locate windows workstation if you know the username, Matthew Leeds Re[2]: locate windows workstation if you know the username, Jason L. Ellison <= Re: Re[2]: locate windows workstation if you know the username, s-williams Re: locate windows workstation if you know the username, Brendan Dolan-Gavitt Re: locate windows workstation if you know the username, devin . ertel

Previous by Date:	Re[2]: locate windows workstation if you know the username, Matthew Leeds
Next by Date:	Re: Core Impact Vs Manual Pen Test, Nick Selby
Previous by Thread:	Re[2]: locate windows workstation if you know the username, Matthew Leeds
Next by Thread:	Re: Re[2]: locate windows workstation if you know the username, s-williams
Indexes:	[Date] [Thread] [Top] [All Lists]