Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Active Directory Pentest
From: AdamT <adwulf () gmail com>
Date: Thu, 31 May 2007 07:51:35 +0100

On 30/05/07, Ricardo Mourato <ricardomcm () gmail com> wrote:
hi folks, in a costumer network where i'm doing a pentest, i found an
Active Directory Server, this one also runs SQL server 2000 SP1, i've
found that SQL server doenst have a password on the SA account, so it
was easy to get in with NT/SYSTEM, but my question is, where is the AD
users directory located?
tnks in advice

As mentioned, the AD database lives in NTDS.DIT.  These files can grow
quite large.  Check and see if there's a recovery mode password set to
null - which might get you what you want:


"Waiting for paint to dry or replication to complete is never any fun.
You should also move the mouse around repeatedly until it completes."
--- Al Mulnick

This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]