skravel
Enumerates NT accounts by RID
skravel is a proof-of-concept tool written by Olle Segerdahl <
olle@nxs.se>.
It was written to demonstrate/exploit the problem of not being able to restrict "null sessions" on Windows NT 4.0.
Features:
- Enumerates NT4 accounts regardless of "RestrictAnonymous" setting
- Enumerates accounts on Win2k DC through a NT4 domain member
- Resolves domain and user names to fully qualified SID on remote machine
FAQ:
Q: skravel just prints "Could not contact system", what's wrong?
A: skravel needs to be able to speak RPC with lsass on the remote machine.
This requires an IPC$ connection, ie. 'net use \\machine /u:"" ""'
Download:
© 2002 by Olle Segerdahl <olle@nxs.se>