Penetration Testing mailing list archives

Re: W2K Terminal Services pwd cracker

From: "Victor A. Rodriguez (Bit-Man)" <victor () bit-man com ar>
Date: Tue, 27 Nov 2001 17:03:43 -0200

Hi david,

The following message was sent by David Smith <dzs999 () yahoo com> on Tue, 27 Nov 2001 04:30:39 -0800 (PST).

Does anyone know of a password cracker for Win2K
terminal services?  During a pentest I've found port
3389/tcp open on the client's web server, and can get
access to a login prompt.


The login/passwords are the NT ones, that are needed to access it.First you need to obtain the SAM for this machine and 
try to obtain
the passwords using L0pthCrack.

Cheers
--
Victor A. Rodriguez (http://www.bit-man.com.ar)
El bit Fantasma (Bit-Man)
"aMail: a lot of fun in a bunch of Perl scripts"

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

W2K Terminal Services pwd cracker David Smith (Nov 27)
- <Possible follow-ups>
- Re: W2K Terminal Services pwd cracker Victor A. Rodriguez (Bit-Man) (Nov 28)
- Re: W2K Terminal Services pwd cracker Secterm . (Nov 29)
  - Re: W2K Terminal Services pwd cracker Thor (Nov 29)