Penetration Testing mailing list archives

RE: Extracting NT password hashes from registry export file

From: "Stuart Flisher" <stuart.flisher () dalofte co ae>
Date: Thu, 1 Nov 2001 19:36:28 -0000

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One problem you have is even administrator doesn't have access to
the sam and security hives in the registry.
Only the system account has access to these.
As a result it is unlikely that the registry export contains these
hives.


Going off at a slight tangent...

Doesn't running regedit or regedt32 from the AT command resolve
this?? It will open up the program a system user.

Dalofte Fz-LLC
Internet Security Consultants
Office 119, bldg 3
Dubai Internet City
P.O. Box 72395
Dubai
U.A.E.

stuart.flisher () dalofte co ae
(O) +971 4 391 1200
(M) +971 50 552 7817 


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO+GkPLkq3S4xgD3VEQLQaQCeIuZFo895IXZMvC37rzMqXPUbpUkAn0S8
QZqH0QAy62UikAJe8QRZlCcf
=wzF6
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

RE: Extracting NT password hashes from registry export file Stuart Flisher (Nov 01)
- <Possible follow-ups>
- RE: Extracting NT password hashes from registry export file pmawson (Nov 03)
- Re: Extracting NT password hashes from registry export file Joe Brown (Nov 03)
- RE: Extracting NT password hashes from registry export file Wertheimer, Ishai (Nov 05)