Re: AD password Auditing

From: Joey Peloquin (joeyp_at_cotse.net)
Date: 08/07/05

  • Next message: goenw: "Application Assessment" 
    Date: Sun, 07 Aug 2005 15:53:37 -0500
To: "Rochford, Paul" <paul.rochford@hp.com>

    Rochford, Paul wrote:

    >You used to get the SAM file off a running server by running rdisk /s-,
    >it will make a copy on the existing one. It's the copy of the SAM you
    >retrieve. Also not sure AD stores credentials in the same way as Classic
    >NT Domains, so you may be looking in the wrong place. Someone I'm sure
    >can verify this.
    >
    >
    >Kind Regards,
    >Paul Rochford
    >
    >
    Good point, Paul. Won't grabbing a copy of the DC's SAM just provide
    its local accounts?

    Active Directory stores user accounts and other information in its
    database file, NTDS.dit. This file can grow HUGE, so even if you can
    get it without being spotted and cut-off by the client, it could take a
    while. I've done a few google queries, and only read of capturing
    ntds.dit through physical access. On top of that, according to a post
    by an "MVP", as of Dec. '03, there was no _known_ tools to crack the db
    offline.

    According to the same post, however, you can use pwdump3 to inject the
    LSASS process, and export a crackable hash. I believe you have to be a
    local Admin on the DC as well.

    Good luck.

    Joey

    ------------------------------------------------------------------------------
    FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

    Learn the hacker's secrets that compromise wireless LANs. Secure your
    WLAN by understanding these threats, available hacking tools and proven
    countermeasures. Defend your WLAN against man-in-the-Middle attacks and
    session hijacking, denial-of-service, rogue access points, identity
    thefts and MAC spoofing. Request your complimentary white paper at:

    http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
    -------------------------------------------------------------------------------

  • Next message: goenw: "Application Assessment"

    Relevant Pages

    • Re: is Paul unable to leave Texas becasue of a BOND due to an arrest?
      ... Sam and myself from the Polgar crowd. ... Paul has cried wolf too many times. ... the EB meeting in Tennessee doesn't make Paul or Susan any safer. ... then perhaps Susan Polgar should quit staking others ...
      (rec.games.chess.politics)
    • Re: Fattys Yoko fixation
      ... You're quoting Paul McCartney as though he would have more knowledge ... based on the press reports that Yoko and Sam were "an item" in Sept. ... What you should know is that press reports aren't necessarily accurate. ... As for something being "contrary to British custom," so what? ...
      (rec.music.beatles)
    • Re: Bug when applying print settings to a group of worksheets
      ... Sam ... "Paul B" wrote: ... > Sub test() ... > 'your code would go here, this would change the headers on all sheets ...
      (microsoft.public.excel.printing)
    • Re: Seperate First and Last Name into different cells
      ... Sam, have a look at data, text to columns, post back if you need more help ... Paul B ... Always backup your data before trying something new ... Using Excel 2002 & 2003 ...
      (microsoft.public.excel.worksheet.functions)