mailing list archives
Re: [PEN-TEST] [Re: MS SQL HACKING]
From: David LeBlanc <dleblanc () MINDSPRING COM>
Date: Tue, 14 Nov 2000 12:28:03 -0800
At 10:00 PM 11/14/2000 EET, mount ararat blossom wrote:
as this paper was not detailing NT hacking methods, or WIN2SHIT hacking
i did not mention pwdump2 or other tools which make it easy to
dump sam._ file from winnt/system32/repair/sam._ even if it was SYSKEY ed.
You're a little confused. Pwdump2 doesn't dump the sam._ file. The sam._
file isn't even involved. You might wish to visit www.razor.bindview.com
and review the readme on pwdump2. Whether you're trying to tell people how
to hack, or evaluate the security of their systems (same thing, really,
just different intent), it is always best to have accurate information.
Your information was inaccurate in that respect. The rest of what you had,
which is largely a rehash of what's published on the Microsoft web site and
various books, seemed reasonably accurate, although not especially
enlightening or useful.
dleblanc () mindspring com