Anonymous remote registry reads (fwd)

Caleb Harris charris at sec.gov
Wed Oct 27 20:25:33 GMT 1999


Luke-
	Thanks for the information.  Actually, my goal is to get rid of
any hosts that might have globally-readable registries.  Interesting that
you caught on right away.  :)
	But, being a useless intern, I am still having difficulties.
Basically, I'm not entirely sure how to specify the name of a key.  Say I
had a known globally-readable key in HKLM.  Would I say:
	
		regquerykey HKLM/keyname     or
		regquerykey HKLM\keyname     or something else?

	I noticed in your message that you used HIVE_KEY_LOCAL_MACHINE,
while in the Windows NT registry it's HKEY_LOCAL_MACHINE.  Which one is
correct, and can I specify the other top-level keys that way, like
HKEY_USERS?
	Also, I did "help shutdown" as you suggested, and got nothing.
I'm thinking that maybe I have an out-of-date version of Samba.  Was
"shutdown" supported in all versions of rpcclient?  When I tried it, I got
"shutdown: command not found".  Or is that something that depends on the
machine I'm connected to?
	Once again, all comments and suggestions are greatly appreciated.
Sorry for all the questions and my obvious ignorance -- I'm just a lowly
intern.  ;D

thanks again!
Caleb


