What if the Sys Admin has “renamed” the administrator account?
It is possible that a Sys Admin will create a new account, give that account the same access as an administrator, and then remove part of the access from the administrator account. The idea here is that if you don’t know the administrator account name, you can’t get in as an administrator. Typing “NBTSTAT -A ipaddress” will give you the new administrator account, assuming they are logged in. A bit of social engineering could get them to log in as well. nbtstat will also give you other useful information such as services running, the NT domain name, the nodename, and the ethernet hardware address. See also section 05-6, which discusses a bug that allows you to get the new administrator account name.
It is possible that a Sys Admin will create a new account, give that account the same access as the god account, and then remove part of the access from the former god account. The idea here is that if you don’t know the real god account name, you can’t get in with god privileges. As one might expect, this could break certain programs or functions. For example, what makes root the Unix god is the fact that the UID (User ID number) and GID (Group ID number) are both zero. Any other account set this way is god, and more than one can exist on a single system. But some programs and scripts may not look to see if the user running them is UID zero; they might instead look to see if the user’s name is root. Since Sys Admins often have a stack of stuff to do anyway, monkeying around with the root account is usually not done. If you can gain access to even a limited access account like a guest account, a simple grep “0:0” /etc/passwd should let you see who’s god equiv or not. With NT typing “NB
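The UID-zero check described above, seen from the administrator's side, as an added example that is not part of the original FAQ: it parses passwd-format text and lists every account whose UID field is exactly 0, next to what a bare “0:0” substring match reports. The sample entries, account names and function names are constructed for illustration.

```python
# Constructed sample in /etc/passwd format (not taken from any real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
# local accounts
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:backup admin:/root:/bin/sh
games:x:10:0:games:/usr/games:/usr/sbin/nologin
svc:x:100:0:service:/srv:/usr/sbin/nologin
opsadm:x:0:50:ops:/home/opsadm:/bin/sh
guest:x:405:100:guest:/dev/null:/usr/sbin/nologin
broken-line-without-fields
"""

def parse_passwd(text):
    """Yield (name, uid, gid) for each well-formed passwd entry."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        # passwd(5) layout: name:password:UID:GID:GECOS:home:shell
        if len(fields) != 7:
            continue
        if not (fields[2].isdecimal() and fields[3].isdecimal()):
            continue
        yield fields[0], int(fields[2]), int(fields[3])

def uid0_accounts(text):
    """Every account whose UID field is exactly 0, whatever its name or GID."""
    return [name for name, uid, _gid in parse_passwd(text) if uid == 0]

def unexpected_root_equivalents(text, expected=("root",)):
    """UID-0 accounts that are not on the list the admin expects."""
    return [name for name in uid0_accounts(text) if name not in expected]

def naive_substring_hits(text):
    """Names on lines that merely contain the string "0:0", as the grep does."""
    return [line.split(":")[0] for line in text.splitlines() if "0:0" in line]

if __name__ == "__main__":
    print("UID 0 accounts:   ", uid0_accounts(SAMPLE_PASSWD))
    print("needs review:     ", unexpected_root_equivalents(SAMPLE_PASSWD))
    print("substring '0:0':  ", naive_substring_hits(SAMPLE_PASSWD))
```

On this sample the substring match reports games (10:0) and svc (100:0), which are not UID 0, and misses opsadm (0:50), which is; comparing the UID field itself avoids both errors.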