RE: Access to a win NT box
From: Shackleford, Dave (znz1@cdc.gov)Date: 06/28/02
- Previous message: Mark Maher: "RE: Access to a win NT box"
- Maybe in reply to: Pedro Miranda: "Access to a win NT box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Shackleford, Dave" <znz1@cdc.gov> To: 'Marlon Jabbur' <mjabbur@terra.com.br>, Pedro Miranda <rpmiranda@sonae.pt>, pen-test@securityfocus.com Date: Fri, 28 Jun 2002 08:53:39 -0400
Not exactly. For Win2k, you need to use PWDUMP2 (http://razor.bindview.com)
instead of PWDUMP, it uses DLL injection to bypass SYSKEY encryption. If you
have Admin privileges, this should be cake. Or upload WinVNC server, and
control the whole damn thing through the GUI. And actually, rdisk IS present
in Win2k, but it is integrated into the ntbackup.exe utility. Here is the
syntax from the Help file:
ntbackup backup [systemstate] "bks file name" /J {"job name"} [/P {"pool
name"}] [/G {"guid name"}] [/T { "tape name"}] [/N {"media name"}] [/F
{"file name"}] [/D {"set description"}] [/DS {"server name"}] [/IS {"server
name"}] [/A] [/V:{yes|no}] [/R:{yes|no}] [/L:{f|s|n}] [/M {backup type}]
[/RS:{yes|no}] [/HC:{on|off}] [/UM]
HTH
--Shack
-----Original Message-----
From: Marlon Jabbur [mailto:mjabbur@terra.com.br]
Sent: Wednesday, June 26, 2002 12:50 PM
To: Pedro Miranda; pen-test@securityfocus.com
Subject: RE: Access to a win NT box
Hi Pedro,
There is no rdisk in win2k. If the machine is a win2k and you have the admin
passwd you can use pwdump to dump the sam database or use sysinternals's
psexec to execute commands on the server
You can find psexec here:
http://www.sysinternals.com/ntw2k/freeware/pstools.shtml .
Marlon
-----Original Message-----
From: Pedro Miranda [mailto:rpmiranda@sonae.pt]
Sent: Tuesday, June 25, 2002 1:43 PM
To: pen-test@securityfocus.com
Subject: Access to a win NT box
Hi, I've got remote access to a wNT box using the command
\\machinename\c$ /user:machinename\administrator
So i've got administrator privileges but i want to access to the SAM
database.
I've tried to get \\winnt\repair\sam._ but i couldn't find the rdisk
comand.
Can anybody help tell me where can i find this software, or if there is
another way to get access to the sam file.
Thanks in advance
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Mark Maher: "RE: Access to a win NT box"
- Maybe in reply to: Pedro Miranda: "Access to a win NT box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
