mailing list archives
Re: [PEN-TEST] [Re: MS SQL HACKING]
From: krisk <krisk () MEDSHOPPEINTL COM>
Date: Tue, 14 Nov 2000 16:41:31 -0600
At 10:00 PM 11/14/2000 EET, mount ararat blossom wrote:
as this paper was not detailing NT hacking methods, or WIN2SHIT hacking
i did not mention pwdump2 or other tools which make it easy to
dump sam._ file from winnt/system32/repair/sam._ even if it was SYSKEY ed.
And this doesn't work with W2K and active directory in native mode, the only
accounts contained in the sam file are the administrator and guest accounts.
L0pht crack won't dump them with admin access either. Anybody run across a
tool to dump the users and password hashes from Active Directory yet? I'm
guessing this should be easily do-able with admin access since it has to be
stored somewhere in AD, but haven't had the time to look into it further
WAN Communications / Security Admin.
St. Louis, MO