Finally, we get with the last method in the list. This depends, as always, on the user having a poor knowledge of security and using operating systems not properly secured. It’s really common for a lot of users who have more than one computer connected by a network to share part or all his disks.
In this case the technique is a combination of some the last ones but applied to the shared disk. Most times this shared disks don’t have any protection applied to them, not even a password or the password is blank, so reading its content is as easy as connecting to them with the network browser.
Other times, the shared disks have a password protecting them, but it’s not uncommon to be able to find this password in a few tries. We can also try to do a bruteforce attack with programs like NetBrute, which have an scanner than can find all computers with shared disks and have a version of the programs that allows bruteforcing passwords.
If we want to protect against this attacks, we must check carefully whether we have shared disks and only enable them in case it’s essential. If we have to enable them, we should get a strong password, ideally made from random characters and long enough.
1 Response to “How to get a Hotmail password (X): Stealing files with NetBIOS”