a proposal for Samba 3.5

Jean-Baptiste Marchand Jean-Baptiste.Marchand at hsc.fr
Mon Apr 19 09:41:38 GMT 2004

* Richard Sharpe <rsharpe at richardsharpe.com> [16/04/04 - 20:50]:

> Yes. Unfortunately, Jean-Baptiste conflated two groups of users. I agree 
> that functions useful to sys admins belongs in the net command.

True, penetration testers and system administrators do not really have
the same requirements...

However, I still think that an interactive command-line tool such as
rpcclient is very useful to system administrators, in addition to the
net command.

For instance, the Samba-TNG version of rpcclient supports some useful
commands that supports the following MSRPC interface:

 eventlog (remote Windows eventlog manipulation)
 svcctl (remote Windows services administration) 

My feeling is that the net command supports commands for domain-oriented
administrative tasks but not for general Windows system administration
tasks such as reading the eventlog, starting a Windows service and so

> I don't think that those functions that are useful to penetration testers 
> belong in the net command at all. These things belong in rpctorture or 
> should be part of a toolkit that allow penetration testers to test the 
> corner cases and extremes of individual RPC interfaces.

I was not referring to vulnerability research in RPC interfaces when I
mentionned penetration testers.

I was thinking about rpcclient commands that are useful to discover
internals of Windows domains (typically, commands that send operations
to the samr, lsarpc,... interfaces).

Jean-Baptiste Marchand
Jean-Baptiste.Marchand at hsc.fr
HSC - http://www.hsc.fr/

More information about the samba-technical mailing list