T 5.58 Hacking Novell Netware

"Hacking Novell Netware" can principally be carried out in two ways.

Firstly, a targeted attack against a user account can be carried out from a workstation in order to find out the password.

A targeted attack against a user account can take place via a so-called brute force attack, in which a workstation (status: attached) with the help of an algorithm or the provided dictionary, generates passwords and tries them out, thus attempting to login to a previously established user account.

By using the program HACK.EXE an authorised user can carry out an attack against the supervisor's account. By taking advantage of a weakness in the operating system, all users of the Novell Netware server can be put in a position equivalent to that of a supervisor. Also, the supervisor can be logged out or his password changed, given the supervisor is logged on when HACK.EXE is activated.

Furthermore, an attack can be carried out via direct manipulation of the server, for example, to generate an account equivalent to that of a supervisor.

By loading and activating NLMs (Netware Loadable Modules), which were developed as emergency tools, it is possible, for example, to create a special user whose privileges on the Novell Netware server are equivalent to those of a supervisor.

These tools, such as SETPWD.NLM,also function in Netware 4 networks. In this context it is, therefore, advisable to once again refer to S 1.42 Secure siting of Novell Netware Servers.

Most of these programs are freely available on the Internet. As regards their operation, they can be used by "amateurs" as no specific knowledge of Novell Netware is necessary.