?? novell hacking for complete newbies.html
字號:
<html>
<head>
<title>netware</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<b><font size="5"> </font></b>
<table width="680" border="0" cellspacing="2" cellpadding="2" align="center">
<tr>
<td width="693">
<pre>
::::::::: :::::::: ::::::::: ::::::::::
:+: :+: :+: :+: :+: :+: :+:
+:+ +:+ +:+ +:+ +:+ +:+
+#++:++#+ +#++:++#++ +#++:++#: :#::+::#
+#+ +#+ +#+ +#+ +#+ +#+
#+# #+# #+# #+# #+# #+# #+#
######### ######## ### ### ###
<a href="%20http://blacksun.box.sk" target="_blank">http://blacksun.box.sk</a>
_____________________________
______________________I <b> Topic:</b> I_____________________
\ I I /
\ HTML by: I Novell Hacking for I Written by: /
> I Complete Newbies I <
/ <a href="mailto:black_mesa@gmx.de">Martin L.</a> I_____________________________I <a href="mailto:miggyx@amicoders.demon.co.uk">MiggyX</a> \
/___________________________> <_________________________\</pre>
</td>
</tr>
</table>
<table width="28%" border="0" cellspacing="2" cellpadding="2" align="center">
<tr>
<td width="30%">
</td>
</tr>
</table>
<p>Coming together is a beginning, Staying together is progress, Working together
is success!</p>
<p><b><font size="4">[Contents]</font></b></p>
<ol>
<li><a href="#1">Introduction to Novell Netware</a></li>
<li><a href="#2">What is the 'console' and 'NDS'?</a></li>
<li><a href="#3">How do I know if they're running Novell?</a></li>
<li><a href="#4"> I'm still not sure. I have a normal user account. How can
I check with this?</a></li>
<li><a href="#5">What are the usual accounts and passwords and how do I find
a valid account?</a></li>
<li><a href="#6">How do I lockout my enemies account?</a></li>
<li><a href="#7"> Is there another easy way to get Admin access?</a></li>
<li><a href="#8">What about the Net Plug attack?</a></li>
<li><a href="#9">What's a backdoor and is it useful to me ?</a></li>
<li><a href="#10">Once I'm in, can I leave a back door?</a></li>
<li><a href="#11">Leaving an Admin level user in the NDS Tree</a></li>
<li><a href="#12">Okay, now how do I leave a backdoor into the server itself?</a></li>
<li><a href="#13">Accessing servers drives that you shouldn't be able to see</a></li>
</ol>
<p> </p>
<p><b><font size="4"><a name="1"></a>Introduction to Novell Netware</font></b></p>
<p> Novell Netware is a server based operating system for networks. Unlike Unix
and NT, Netware isn't an all in one program. Let me explain. Netware itself
runs on top of a version of DOS. The version that you might be familiar with
is MS-DOS as this comes with Windows 95 and 98. Novell uses DR-DOS. This is
very similar to MS-DOS and even uses the same sort of commands. When a Netware
server starts up, first it loads up DR-DOS (also known as Caldera DOS because
Caldera wrote it). Once DOS is started, Netware is loaded which then sets up
the server itself. Once this has been done, the server is happily sitting on
the network and awaiting requests. Netware has two main admin areas. First is
the console and second is NDS.<br>
<br>
<font size="4"><b><a name="2"></a>What is the 'console' and 'NDS'?</b></font></p>
<p>The console is kind of like a DOS prompt. It takes commands in the same way
as you'd expect and it looks almost the same to. The prompt though (the bit
before you type in your commands) is somewhat different. In MS-DOS, you might
get a prompt like this:</p>
<table width="99%" border="0" cellspacing="2" cellpadding="2" align="center">
<tr>
<td><pre>
C:\WINDOWS >
| |
| This bit is the directory you are currently in. Here, you can see I'm in the
| Windows directory. Netware doesn't have this and I'll explain why a little later
|
The 'C:\' shows the current drive. Netware has something like this but it doesn't
actually show you what drive you are in. Again, I'll explain this later.</pre></td>
</tr>
</table>
<p>You've seen what the MS-DOS version is like. Here then is a sample from a Netware
server named "Gandalf".</p>
<p><b>GANDALF :</b></p>
<blockquote>
<p> The console is designed simply for managing the server itself. Not the files
or its users as can be done with an NOS (Network Operating System) such as
Linux. Commands entered here affect only the server that is in the prompt.
In this case, only server Gandalf will be affected by my commands.<br>
You can run or 'load' programs into the server in the form of NLMs ( Netware
Loadable Modules). These can be seen as plugins for the server. Once run,
the program will automatically be set-up. I'm mentioning this now because
some of the best hacks require software to be loaded in at the server. I'll
cover this later though.<br>
The console can also be access from another computer using a piece of software
called "RCONSOLE". This is a DOS based program so you will need
to be able to run DOS programs on your machine. Many Admins disable this on
user accounts and only have it active on Admin accounts. Even if you can run
RCONSOLE, you will still need a password to access the server. Most servers
are left at the console so no logging in is necessary. However, servers tend
to be well guarded!</p>
<p> NDS (Netware Directory Service) is where all the user and file information
is stored. It is usually referred to as the "NDS Tree". You could
easily compare it to a telephone directory. The NDS Tree holds all the information
about a network. From the individual workstations to the users to the servers
and the files stored on them. Because everything in general is managed through
NDS, this is really the kind of access you want. Console access is useful
(you can kick people you don't like off the server) but having the ability
to alter anything on the network is much more fun. <br>
The program that you need to access the NDS Tree is called 'nwadmn32.exe'.
This is usually available somewhere on the system because it isn't directly
a security risk. If you load it as a normal user, you will only have rights
to alter some parts of that user such as the password. You may not be able
to touch other peoples information but you can usually read it. I'll come
back to this later on.</p>
</blockquote>
<p><b><font size="4"><a name="3"></a>How do I know if they're running Novell?</font></b></p>
<p>This is an easy one. Before you can use any machine on a Novell network, you
must login. Novell like to show everyone just how good they think they are and
splash their name and their stupid red 'N' logo everywhere that they feel they
can get away with. This includes the login screen.<br>
If for some reason you don't have this on your login screen but you still think
that you are on a Novell network, take a closer look at the login screen. Most
networks now use the latest client which supports contextless logins. Although
this sounds complicated it isn't. Normally when you login to Novell, you must
tell the server what 'context' you are in. This lets people have the same user
names. For instance for me to login to Gandalf I'd need to supply :</p>
<p>Miggyx.admin.users.abc</p>
<p><br>
This is a short one. Many go much deeper than this and have six levels or more!
Problem is humans aren't too hot at remembering these long login names. For
this reason Novell brought out contextless logins. You pick an option from a
drop down menu then fill in only the user name. For instance :</p>
<table width="262" border="0" cellspacing="2" cellpadding="2">
<tr>
<td width="130">Context :</td>
<td width="130">Server Admins</td>
</tr>
<tr>
<td width="130">User :</td>
<td width="130">miggyx</td>
</tr>
<tr>
<td width="130">Passwd :</td>
<td width="130">******</td>
</tr>
</table>
<p>Instead of :</p>
<table width="262" border="0" cellspacing="2" cellpadding="2">
<tr>
<td width="130">User :</td>
<td width="130">miggyx.admin.users.abc</td>
</tr>
<tr>
<td width="130">Passwd :</td>
<td width="130">******</td>
</tr>
</table>
<p>Basically it was all done to make users lives easier. This option never appears
on Unix or NT systems because they don't support multiple user names and thus
context is irrelevant. If your system has this on the login screen, you definitely
have Novell Netware.</p>
<p><b><font size="4"><a name="4"></a>I'm still not sure if I'm on a Novell network.
I have a normal user account. How can I check with this?</font></b></p>
<p> Yes you can and if you have a real account, it will make your life a lot easier.
It is easier to hack a system that you have some access to than to start from
scratch. Login and see if you have a little red 'N' in the taskbar. This is
Novell's little Admin tool for the user themselves and it has a few interesting
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -