|
Security Basics
mailing list archives
Re: Fwd: How does the Cain and Abel SAM dump works?
From: "Jorge L. Vazquez" <jlvazquez825 () gmail com>
Date: Tue, 15 Jul 2008 23:48:31 -0400
Adriel Desautels wrote:
Actually I might. I'll get back to you on that.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Eric Snyder wrote:
Adriel ,
How are you checking / cracking longer, 15 character plus, passwords?
The best table I have seen is 14 character. Do you have a source for
15+ character tables that use every possible printable characters;
commas, spaces, grave accents, etc.?
Thank you.
-Eric.
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Adriel Desautels
Sent: Tuesday, July 15, 2008 2:05 PM
To: my.security.lists () gmail com
Cc: Vikas Singhal; security-basics () securityfocus com
Subject: Re: Fwd: How does the Cain and Abel SAM dump works?
Yep, and rainbow tables are your friend.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Rob Thompson wrote:
Vikas Singhal wrote:
Hi Friends,
Nowaday, I am studying on the Topic - Cracking Windows password.
There are lot of tools out there which can dump LM and NTLM hashes
for
you. But as far i know, you can't touch the SAM file when windows is
running, so, how does these tools work.
Is the sam dumped in-memory?
Regards
V
Whenever I've had to do that, I have copied the SAM off the box, while
the machine was running and then done the work offline.
I haven't had to do it a lot, but a few times and it's worked each
time.
Hope that this helps.
you're right the safest method would be to copy the SAM off the
computer, but I think for that you should have adimin rights on that
box...correct me if I'm wrong
another thing that has happened to me with Cain is that when pulling a
MITM attack on a victim to sniff off password, I can get the password
for pop3, telnet, ftp....with no problem; well those are sent in clear
text over the network with no kind of encryption, but when I try to dump
the hashes from a windows box login/authentication with a Domain
Controller or when trying to access a share on the network....I get the
hashes in the sniffer session in Cain, and then import them into crack
to do a dictionary or brute force attack, when when I actually launch
the attack it doesn't load the hashes; I get the error no hashes
imported, like if Cain is not recognizing the hashes or the hashes are
in the wrong format.....do I have to modify this hashes for Cain to
understand them....or am I missing something here
Thanks
Jorge L. Vazquez
www.pctechtips.org
 By Date 
By Thread
Current thread:
|
Intro
