Started by wilnix, March 04, 2002, 03:23:40 PM

Here's how:

Start the registry editor
Move to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
If you are using Workstation create a value (Edit - Add Value) called AutoShareWks (AutoShareServer for server) of type DWORD and press OK. It will ask for a value, type the number 0.
Close the registry editor

The pisser of this is that if the attacker has an admin account on the NT Network, all he has to do is fire up the server manager create whatever share(s) he wants on any domain member... Gotta love Windows!
Yeah, but in win2k pro, you can take the domain admin out of the local administrators group. In NT, your just screwed.

