Re: Offline sam dump?

From: Erik Birkholz (erik_at_foundstone.com)
Date: 01/29/04

    Date: Wed, 28 Jan 2004 19:35:32 -0800
    To: <markmelonson@hotmail.com>, <pen-test@securityfocus.com>
    
    

    Better yet, why are you trying to dump sam as a non-admin? Are you interactive on the box as a user or something?

    ---------------------------------------
    (Msg from BlackBerry Wireless Handheld)
    ---------------------------------------
    Erik Pace Birkholz - CISSP, MCSE
    Foundstone, Inc.
    Strategic Security

    Read Special Ops and mount an assault to eradicate network negligence today. www.SpecialOpsSeries.com

    [Tel] 949.297.5591
    [Cel] 323.252.5916
    [Fax] 949.297.5575
    [pgp] https://www.foundstone.com/pgpkeys/erik-birkholz.asc

    -----Original Message-----
    From: Mark Melonson <markmelonson@hotmail.com>
    To: pen-test@securityfocus.com <pen-test@securityfocus.com>
    Sent: Tue Jan 27 17:33:32 2004
    Subject: Offline sam dump?

    Greetings,

    I'm conducting a small scale pen-test for a client... I have conducted a
    remote assessment and am now starting on internal testing. They are using
    fully patched Win2k Pro boxes, with WinXPs scattered amongst the network
    (Win2k Servers). I know about pwdump2-3e, but need to dump the SAM without a
    local Admin account. I have used the Linux bootdisk method to rewrite the
    hash, but I need something to use with John. Thanx...

    -BlindTechie
