Home page logo

pen-test logo Penetration Testing mailing list archives

From: Fernando Cardoso <fernando () BN PT>
Date: Wed, 15 Nov 2000 10:56:03 -0000

The "new" version (April 2000) of pwdump2 will do it, although I haven't
tested yet. Check
http://www.razor.bindview.com/tools/desc/pwdump2_readme.html for details.


Fernando Cardoso              Phone:   +351 21 7982186
Network Administrator         Fax:     +351 21 7982185
National Library              E-mail:  fernando () bn pt
Portugal                      PGP ID:  28551CB8

At 10:00 PM 11/14/2000 EET, mount ararat blossom wrote:

Hi there,
as this paper was not detailing NT hacking methods, or
WIN2SHIT hacking
i did not mention pwdump2 or other tools which make it easy to
dump sam._ file from winnt/system32/repair/sam._ even if it
was SYSKEY ed.

And this doesn't work with W2K and active directory in native
mode, the only
accounts contained in the sam file are the administrator and
guest accounts.
L0pht crack won't dump them with admin access either. Anybody
run across a
tool to dump the users and password hashes from Active
Directory yet? I'm
guessing this should be easily do-able with admin access
since it has to be
stored somewhere in AD, but haven't had the time to look into
it further

Kris Kistler
WAN Communications / Security Admin.
St. Louis, MO

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]