Re: Password audit in 2008 DC



Hello Adrian,

Helix has utilities to dump SAM file. You can run it on the Microsoft
Windows 2008 DC and safely dump the local SAM file to a normal TXT
file.

---
Nikhil Wagholikar
Practice Lead | Security Assessments & Digital Forensics
Network Intelligence India Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Training
http://iisecurity.in/courses/Training Calendar.html

On 15 April 2010 06:42, Adrian Rodriguez <adrian.rodriguez@xxxxxxxxxxxx> wrote:

Hello,

I have a client that requires a password audit to it´s DC that is on a
win 2008 server system.
Due to the criticity of the service, the client does not allow the
execution of a non proven tool to do the task.

I´m trying to do a simple SAM dump on ths system but I need to know for
sure it´ll work and won´t cause a DOS.

I looked for documentation on fgdump and pwdump7. But I find some
contradicting info stating that the tools will only work as for
extracting the local SAM and not the hole Active Directory.

Does anyone have had a similar case? or a trully working experience in
this? Will this tools affect the service since the Win2008 security
responds differently to the tools dll or service?

Tnx in advance.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • Re: Format of SAM File
    ... This is what is in the hash: ... Looking for a reference that describes the format of the windows SAM ... file", "understand windows SAM file", and other related searches have ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • RE: Format of SAM File
    ... decent explanation of the pwdump output. ... Subject: Format of SAM File ... Looking for a reference that describes the format of the windows SAM ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Password Decoding
    ... SYSTEM and SAM file off the disk, dump the SYSKEY and then use that to ...
    (alt.computer.security)