experienced developer / software engineer with 30+ years of
experience. Confidentiality guaranteed.
hat penetration testing.
/ IPS identification.
or Test Accounts: How many lab
or test accounts exist in your environment? How many of these
accounts are in the local Administrators group? Care to guess what
the password for such accounts might be? It could be test, or, on
systems with no password policy enforcement, it could even be NULL.
To make matters worse, these accounts—even admin accounts—can
set passwords that never expire. It is not uncommon to find systems
with passwords set months or even years ago—even brute-forcing can
be valuable for cracking stronger passwords within such an
Accounts with Juicy Info in the Comment Field: I've actually seen passwords written in the Comment field in plaintext,
ripe for the plucking via enumeration. Sometimes hints to the
password can be found in the Comment field to aid those hapless users
who just can’t seem to remember their own passwords.
or Domain Admins Groups: These accounts are often targeted
because of their all-encompassing power over local systems or
domains. Also, the local Administrator account cannot be locked out
using default tools from Microsoft, which makes it a ripe target for
perpetual password guessing. The account has been renamed or disabled
on later versions of Microsoft Windows.
administrator accounts: might also use the same password for
multiple systems, especially if the systems have been installed from
one (and the same) golden image. This gives the advantage to the
attacker who can use the same local account to compromise all the
accounts on the network.
Backup Application Service Accounts: Many commercial backup
software applications create user accounts that are granted a high
degree of privilege on a system, or that at least can read almost all
of the files to provide a comprehensive backup of the system.
Group Accounts: Organisations large and small have a
propensity to reuse account credentials that grant access to a high
percentage of the systems in a given environment. Account names such
as backup or admin are examples.
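
The account categories above can be checked from the defender's side with a short audit script. This is an added example, not part of the original listing; it assumes the account inventory has been exported to CSV, and the column names and sample rows are constructed for illustration.

```python
import csv
import io
import re
from datetime import date

# Constructed sample inventory (not real data). Column names are assumptions.
SAMPLE_CSV = """Name,Enabled,IsLocalAdmin,PasswordNeverExpires,PasswordLastSet,Comment
Administrator,True,True,True,2019-03-02,Built-in account
labuser1,True,True,True,2021-06-15,
labuser2,True,False,False,,
svc_backup,True,True,True,2020-01-10,Backup agent service account
jsmith,True,False,False,2024-05-01,pw hint: dog's name
test,False,False,False,2024-04-20,
mjones,True,False,False,2024-04-28,Finance
"""

# Names such as lab, test, backup or admin, at the start or after a separator.
GENERIC_NAME = re.compile(r"(^|[_.\-])(lab|test|backup|admin)", re.I)
# Comment text that suggests a password or a hint to one.
COMMENT_HINT = re.compile(r"pass|pwd|\bpw\b|hint", re.I)


def audit(csv_text, today, max_age_days=365):
    """Return {account name: [flags]} for enabled accounts worth reviewing."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Enabled"] != "True":
            continue  # disabled accounts are left out of this report
        flags = []
        if GENERIC_NAME.search(row["Name"]):
            flags.append("generic-name")
        if row["IsLocalAdmin"] == "True" and row["PasswordNeverExpires"] == "True":
            flags.append("admin-never-expires")
        if not row["PasswordLastSet"]:
            flags.append("password-never-set")  # no date recorded at all
        elif (today - date.fromisoformat(row["PasswordLastSet"])).days > max_age_days:
            flags.append("stale-password")
        if COMMENT_HINT.search(row["Comment"]):
            flags.append("comment-hint")
        if flags:
            findings[row["Name"]] = flags
    return findings


if __name__ == "__main__":
    for name, flags in audit(SAMPLE_CSV, date(2024, 6, 1)).items():
        print(f"{name}: {', '.join(flags)}")
```

The name and comment patterns are deliberately broad, so each flagged account is a candidate for manual review rather than a confirmed finding.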
What the Seller needs to start the work
Confidentiality agreement. Permission to test a network