Ok, so I'm doing an inventory of my computer room, and I have two servers that have been sitting in the bottom of a remote rack for at least 3 years. Both servers are unlabeled, and both are sitting at the Windows Server 2003 login screen. The admin UN&P that gets me into most of my other servers does not work for these two servers. I can get the name of the local machine from the login screen, and attempting to browse to it across the network shows me that IIS has not been enabled for either server. Browsing via unc shows me nothing. Pinging the machine's hostname gives me the IP address, but that doesn't help me anymore than the hostname. Short of turning them off or rebooting, does anyone know a way I may be able to figure out what these are doing? Shutting down/rebooting is not an option until the wee hours of Sunday morning (assuming I want to remain employed). Ironically, both are black, making this a proverbial black box problem.
I don't know if this is a road that you want to travel down, but you could always try a little light-weight hacking/cracking. Being that they are Windows servers, they could very possibly have an exploitable service running. Do you know if they have remote desktop enabled?