NetWare is a computer network operating system developed by Novell, Inc. It initially used cooperative multitasking to run various services on a personal computer, using the IPX network protocol.
By 2000 Microsoft was taking more of Novell's customer base and Novell increasingly looked to a future based on a Linux kernel. The successor to NetWare, Open Enterprise Server (OES), released in March 2005, offered all the services previously hosted by NetWare v6.5, but on a SUSE Linux Enterprise Server; the NetWare kernel remained an option until OES 11 in late 2011.
These 9 tools will help you to reset the password - or hashes - of almost all Microsoft Active Directory domains.
Use the Pandora project - Pandora is a set of tools for hacking, intruding, and testing the security and insecurity of Novell Netware. It works on versions 4 and 5. Pandora consists of two distinct sets of programs -- an "online" version and an"offline" version. Pandora Online is intended to be used for direct attack against a live Netware 4 or 5 server. Pandora Offline is intended to be used for password cracking after you have obtained copies of NDS.
Psexec and pmdump
On a Novell 7 environment use both psexec and pmdump or procdump : tools that lets you dump the memory contents of a process to a file without stopping the process, as follows:
psexec \\hostname -u username -p password -s -f -c pmdump/procdump -list
Find the PID of the Gwise.exe service. Then:
psexec \\hostname -u -p password -s -f -c pmdump/procdump *PID* dump
This will dump the memory to \\hostname\c$\windows\system32. Open the dump file in a hex editor and search for an organizational string, like an OU in the targets memory dump file.
From there you can find the Novell password for the user within the file.
Bypass login screen
If you know the password of an user under the Microsoft login screen, but can't access to it because of Novell Client, here are some tricks to bypass the Novell login screen :
- Start up in safe mode (without networking) and enter the registry with regedit. Look for a string called NWGina, GINA.DLL or NWGINAL.DLL. That is the dll responsible for the login screen. You may replace NWGINA.DLL with MSGINA.DLL to revert back to the Microsoft way of handling this.
- If you are using Win2k or XP, you can have two distinct logins using the NetWare client. Under the "advanced" properties of the client login tab, select "Windows" login tab.
- Try unplugging LAN cable to see if that helps. That may force a local logon..
- In "Network Settings", right click "Lan connection" > Properties, use Windows client log on and remove Novell. Also make sure your workgroup name is the same as the one you want to join. Also check your TCP/IP properties are set to auto for ip addressing.
- If the user's Novell & Windows password same, on Novell Client properties, Advanced Login tab, set "Copy NetWare username to Windows"=on. User only needs to enter password once.
Some links to go further:
- Getting Access to Accounts + Crack them
- Netware Accounts
- Netware Passwords
- Netware Console Attacks
- Netware Client Attacks
- Netware Denial of Service
- Netware Logging and Backdoors
- Netware Misc. Attack Info