Penetration Testing mailing list archives
Re: [PEN-TEST] NT Passwors Cracking
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Thu, 30 Nov 2000 10:17:37 -0800
On Wed, 29 Nov 2000, Beauregard, Claude Q wrote:
Question: I used to L0phtcrack to download the hashes from the registry of an NT server. The password hashes are Syskeyed so L0phtcrack isn't going to work (I believe I'm correct on this). I don't have direct access to the NT server the hashes were downloaded from. Is there a way to save the hashes to a file and run the file through another utility that will decrypt the hashes.
I'm not aware of any work that has been done on attacking the syskey crypto algorithms. There is a newer version of pwdump that will get the real hashes if you've got a way to bo back to the machine to get another dump. Ryan
Current thread:
- Re: [PEN-TEST] NT Passwors Cracking Ryan Russell (Dec 01)
- <Possible follow-ups>
- Re: [PEN-TEST] NT Passwors Cracking mvanaswegen (Dec 01)
- Re: [PEN-TEST] NT Passwors Cracking Conor Crowley (Dec 01)
- Re: [PEN-TEST] NT Passwors Cracking Beauregard, Claude Q (Dec 01)
- Re: [PEN-TEST] NT Passwors Cracking Beauregard, Claude Q (Dec 01)