Re: Password Dump
From: Mike (noone@foo.bar.com)Date: 05/29/02
- Next message: zedx: "History folder"
- Previous message: chris@nospam.com: "Re: Password Dump"
- In reply to: chris@nospam.com: "Re: Password Dump"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: noone@foo.bar.com (Mike) Date: Wed, 29 May 2002 16:41:54 GMT
chris@nospam.com wrote in <0vt9fucspei0l13ctbq5085algbc5i2l8c@4ax.com>:
>On Wed, 29 May 2002 15:07:16 GMT, noone@foo.bar.com (Mike) wrote:
>
>>e_ssen@hotmail.com (Sridharan) wrote in
>><4afa61fa.0205290443.1e6ea7c4@posting.google.com>:
>>
>>>Is it possible to get the password dump of a remote machine using a
>>>acoount which doesn't have administrative rights....
>>>
>>>i want to check whether such a provision exists and how to protect
>>>myself against such attacks
>>>
>>>thanks in advane
>>>
>>
>>IMHO, it's not possible. You've to sniff some privileged account's
>>password from the wire first.
>>Having the administrative rights, pwdump3 can do the job.
>>Cheers,
>>
>>Mike
Some clarification...
>If you've created a RDISK backup and the machine isn't using NTFS,
>then you could grab the backup copy of the SAM.
The original question was to dump the hashes remotely without
administrative privileges.
>Or boot with a DOS
>disk and NTFS and copy the sam file off (might need to zip it first).
NTFSDOS or a Linux disk with NTFS support.
>Then you can run pwdump3 and L0phtcrack.
No need of pwdump3 if you already have the SAM. LC3 can import it directly.
>It's not hard to sniff for passwords on the network either.
>Also make sure you've patched for the Debploit virus.
It's not a virus (altough some antivirus say so), but a xploit code.
Cheers,
Mike
- Next message: zedx: "History folder"
- Previous message: chris@nospam.com: "Re: Password Dump"
- In reply to: chris@nospam.com: "Re: Password Dump"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
