tag:blogger.com,1999:blog-8539880144347728238.post1748102999164016134..comments2024-01-24T04:15:08.086-05:00Comments on Carnal0wnage Blog: Shared Passwords Giving Up The GoodsUnknownnoreply@blogger.comBlogger3125tag:blogger.com,1999:blog-8539880144347728238.post-17350076639099261762008-08-22T13:59:00.000-04:002008-08-22T13:59:00.000-04:00running set will give environment variables for th...running set will give environment variables for the user.<BR/><BR/>I personally havent seen comments in set data so maybe anonymous is pulling our leg, but I wouldnt totally rule the possibility out.<BR/><BR/>I have seen good stuff in the comments from a net user username /domain thoughCGhttps://www.blogger.com/profile/11061967917509053185noreply@blogger.comtag:blogger.com,1999:blog-8539880144347728238.post-21101548000610372832008-08-22T10:31:00.000-04:002008-08-22T10:31:00.000-04:00from pentest experience VNC is a given if you get ...from pentest experience VNC is a given if you get access to one machine running it and decode the password from the registry 99,9% the same password will work on another machine. I'm just curious about the previous comment with "set", did that system had a username and password variables configured in the env variables?Unknownhttps://www.blogger.com/profile/02474191229158745507noreply@blogger.comtag:blogger.com,1999:blog-8539880144347728238.post-39596208709187635512008-08-21T22:20:00.000-04:002008-08-21T22:20:00.000-04:00Shared VNC password? Whats the problem? It would...Shared VNC password? Whats the problem? It would not be a security risk until you meddling gringo's came. <BR/>OK, honestly, saw the same thing! Luv it, like it, wish I did not see it.<BR/>Best thing I came across...?<BR/>c:\ set<BR/>Returned?<BR/>Yep...<BR/>Username: Blacktie<BR/>Pasword: Pw0ned<BR/><BR/>A little Net User and what do you know...a roll-out account!<BR/>Whoo hoo!!!!Anonymousnoreply@blogger.com