a proposal for Samba 3.5
Jean-Baptiste Marchand
Jean-Baptiste.Marchand at hsc.fr
Mon Apr 19 09:41:38 GMT 2004
* Richard Sharpe <rsharpe at richardsharpe.com> [16/04/04 - 20:50]:
> Yes. Unfortunately, Jean-Baptiste conflated two groups of users. I agree
> that functions useful to sys admins belongs in the net command.
True, penetration testers and system administrators do not really have
the same requirements...
However, I still think that an interactive command-line tool such as
rpcclient is very useful to system administrators, in addition to the
net command.
For instance, the Samba-TNG version of rpcclient supports some useful
commands that supports the following MSRPC interface:
eventlog (remote Windows eventlog manipulation)
svcctl (remote Windows services administration)
My feeling is that the net command supports commands for domain-oriented
administrative tasks but not for general Windows system administration
tasks such as reading the eventlog, starting a Windows service and so
on...
> I don't think that those functions that are useful to penetration testers
> belong in the net command at all. These things belong in rpctorture or
> should be part of a toolkit that allow penetration testers to test the
> corner cases and extremes of individual RPC interfaces.
I was not referring to vulnerability research in RPC interfaces when I
mentionned penetration testers.
I was thinking about rpcclient commands that are useful to discover
internals of Windows domains (typically, commands that send operations
to the samr, lsarpc,... interfaces).
Jean-Baptiste Marchand
--
Jean-Baptiste.Marchand at hsc.fr
HSC - http://www.hsc.fr/
More information about the samba-technical
mailing list