Quantcast
Channel: UNIX and Linux Forums
Viewing all articles
Browse latest Browse all 16232

NTLMv2 Verification Using Linux(rpcclient®shell)

August 16, 2012, 8:03 am
$
0
0
I am writing a script and am trying to figure out what tool I can use to verify that a windows system is using NTLMv2 using linux? I have been using tools like:

Code:
rpcclient
regshell
I now know what the exact registry key string to look for for verification:

LmCompatibilityLevel
http://atc.caltech.edu/node/402

Code:
regshell -b rpc -R "ncacn_np:192.168.1.155" -U "TESTNETWORK.local\testadmin"
Password for [TESTNETWORK.LOCAL\testadmin]:
HKEY_CLASSES_ROOT\> predef HKEY_LOCAL_MACHINE
HKEY_LOCAL_MACHINE\> ck "SYSTEM\CurrentControlSet\Control\Lsa"
New path is: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa> list
K AccessProviders
K Audit
K Data
K GBG
K JD
K Kerberos
K MSV1_0
K Skew1
K SSO
K SspiCache
V "Authentication Packages" REG_MULTI_SZ (null)
V "Bounds" REG_BINARY 0030000000200000
V "Security Packages" REG_MULTI_SZ (null)
V "ImpersonatePrivilegeUpgradeToolHasRun" REG_DWORD 0x00000001
V "LsaPid" REG_DWORD 0x000002d0
V "SecureBoot" REG_DWORD 0x00000001
V "auditbaseobjects" REG_DWORD 0x00000000
V "crashonauditfail" REG_DWORD 0x00000000
V "disabledomaincreds" REG_DWORD 0x00000000
V "everyoneincludesanonymous" REG_DWORD 0x00000000
V "fipsalgorithmpolicy" REG_DWORD 0x00000000
V "forceguest" REG_DWORD 0x00000001
V "fullprivilegeauditing" REG_BINARY 00
V "limitblankpassworduse" REG_DWORD 0x00000001
V "lmcompatibilitylevel" REG_DWORD 0x00000000
V "nodefaultadminowner" REG_DWORD 0x00000001
V "nolmhash" REG_DWORD 0x00000000
V "restrictanonymous" REG_DWORD 0x00000000
V "restrictanonymoussam" REG_DWORD 0x00000001
V "Notification Packages" REG_MULTI_SZ (null)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa> print "lmcompatibilitylevel"
REG_DWORD
0x00000000
Now my question is, how can I print this in a oneliner? I have tried:
Code:
regshell -b rpc -R "ncacn_np:192.168.0.155" -U "TESTNETWORK.local\testadmin" -c "predef HKEY_LOCAL_MACHINE;ck SYSTEM\CurrentControlSet\Control\Lsa; print "lmcompatibilitylevel" "
but to no evail. Any ideas?? Is there a perl module for querying and checking registry entries?
Search
Viewing all articles
Browse latest Browse all 16232

Trending Articles

Bath man appears in court charged with attempted murder of a man...

March 16, 2015, 7:37 am

MACLEAN, Allan

July 30, 2019, 6:00 am

Black Angus Grilled Artichokes

July 16, 2016, 4:37 pm

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Police blotter for Jan. 12

January 12, 2018, 3:30 am

99 God Status for Whatsapp, Facebook

June 5, 2016, 11:46 pm

Rajasthan Board 12th Science Result 2018 name wise- RBSE 12th commerce result...

May 26, 2018, 9:35 pm

Notorious Naushad of Ippa gang nabbed

July 19, 2019, 6:37 am

Child Kidnapping: Amy McNeil was kidnapped on her way to school by 5 adults;...

February 5, 2017, 10:40 am

Sonible Smartlimit v1.1.5-R2R

April 16, 2024, 7:10 am

NCERT Solutions for Class 9th Sanskrit Chapter 3 पाथेयम्

December 22, 2016, 3:50 am

मतलबी दोस्त स्टेट्स | Matlabi Dost Status in Hindi – Selfish Friends Status

February 13, 2020, 3:12 am

Arrow Flash 2 – Sinhala Dubbed – Episode 23 – 20th March 2016

March 20, 2016, 9:39 am

[GET] AI Traffic Goldmine

July 6, 2025, 4:23 am

[E² Plugin] HDF-Radio

January 26, 2025, 9:02 am

Universal Multi-Patch v1.3 By RADIXX11

January 29, 2018, 2:45 pm

IWAN – Thanks and Praise ( Throw Back Thursday )

March 9, 2016, 11:43 pm

RONALD P SONDERGAARD Arrested by Miami-Dade County Corrections on Mar 03, 2017

March 3, 2017, 6:25 am

मुख मैथुन से उठाएं सेक्स का भरपूर मज़ा, जानें क्या है इसका सही तरीकामुख मैथुन...

May 17, 2020, 2:04 pm

HSSC Excise & Taxation Inspector Result 2017 Scorecard/ Category Wise Merit List

July 29, 2017, 2:44 am
Search