I toook a little walk through my logs as well, but all the machines I saw I didn't need to use NBT, I simply entered \\ipaddress\c$ into the browser, and up it came! no passwords necessary for the 15 machines I tried. (I was going to be mean, but I liked the changing boot.ini to "Nimda Infected Machine")
garrett Windjammer <[EMAIL PROTECTED]> wrote: >What is nbt.... some telnet thing? I'd like to try that and see what happens... LOL > >Danny Mallory wrote: > >> Well I was playing around tonight and this is really toooo funny. >> As Nimda opens up the guest accounts on NT and 2k servers, I found >> that on every IP that hit my log files I was able to nbt to them >> >> start/run >> //ipaddress/c$ >> user: anonymous >> pswd: [EMAIL PROTECTED] >> >> And had full rights to their entire system.. >> >> So you guys tell me.. >> >> Should we stick this in a nice little batch file in their startup. >> %windir%\rundll32.exe user,ExitWindows Exec >> >> Danny >> >> -------------------------------------------------------------------------------- >> For unsubscription of this list send an email to [EMAIL PROTECTED] with email >> data containing unsubscribe emailadd sambar > > > >-------------------------------------------------------------------------------- >For unsubscription of this list send an email to [EMAIL PROTECTED] with email >data containing unsubscribe emailadd sambar > -------------------------------------------------------------------------------- For unsubscription of this list send an email to [EMAIL PROTECTED] with email data containing unsubscribe emailadd sambar
