MS SQL & NT registry

From: Lynum, David (David.Lynum@elancorp.com)
Date: 10/31/01


Message-ID: <B311972C5283D3119D9B0008C733265B01B2E309@ssfexcl.elanpharma.com>
From: "Lynum, David" <David.Lynum@elancorp.com>
To: focus-ms@securityfocus.com
Subject: MS SQL & NT registry
Date: Wed, 31 Oct 2001 12:56:45 -0800

Hey there,

This is the first time I've posed a question to this list, so take it easy on
me.

My question has to do with a whitepaper I read from ISS.net on securing
database servers, and here's the link to it,
http://documents.iss.net/whitepapers/securingdbs.pdf. The paper shows how to
use an extended stored procedure call, "xp_regread" to read registry
contents for the SAM\Domains\Accounts section. But it doesn't tell you how
to extract the query results so that a password cracking program such as
L0phtcrack can be used to see the account information. My question is
specifically about extracting the contents of the SAM registry entries from
the SQL query results so that I can import them into L0phtcrack to crack
them. How do I do this? I've saved the query report results to a file and
then opened that file from within L0pht, but L0pht closes as soon as I do
this. I e-mailed support for L0pht and they haven't gotten back to me. I
have L0pht 2.52. Also, I spoke with one of the security people at ISS about
this, but they won't provide any help.

Have any of you done this, or know where I can find information on how to do
this? I need to know because I handle data security for my company and I
have to prove to them that this exploit is real before they'll take any
action.

Thanks in advance for your help,

David



