Penetration Testing mailing list archives
Re: [PEN-TEST] [Re: MS SQL HACKING]
From: "Beauregard, Claude Q" <CQBeauregard () AAAMICHIGAN COM>
Date: Fri, 17 Nov 2000 09:40:32 -0500
Doesn't do any good to get a sam file from the repair directory if the admins don't update the sam file using the repair /s option. -----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of mount ararat blossom Sent: Tuesday, November 14, 2000 5:00 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] [Re: MS SQL HACKING] Hi there, as this paper was not detailing NT hacking methods, or WIN2SHIT hacking staff, i did not mention pwdump2 or other tools which make it easy to dump sam._ file from winnt/system32/repair/sam._ even if it was SYSKEY ed. cheers mab- David LeBlanc <dleblanc () mindspring com> wrote: At 02:40 AM 11/14/2000 EET, mount ararat blossom wrote:
Hi folks, i have just released another paper about SQL hacking. have fun in your pen-tests. any comments, suggestions or insults....?
Just a minor addition/correction -
Another good way of compromising NT account is, as every one of us
well
knows, reading the sam._ file under winnt/repair/sam._ and cracking this hashed password file with our favorite tool LophtCrack.
To do this, we will use the extended stored procedure, xp_regread
out of
registry. Below is the function do attain sam._ file Xp_regread 'HKEY_LOCAL_MACHINE','SECURITY\SAM\Domains\Account ','F'
If the system has applied syskey, which is default in Win2k, then this approach will be useless. You'd have to be able to upload other tools, which you may or may not be able to do. David LeBlanc dleblanc () mindspring com ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
Current thread:
- Re: [PEN-TEST] [Re: MS SQL HACKING] mount ararat blossom (Nov 15)
- Re: [PEN-TEST] [Re: MS SQL HACKING] David LeBlanc (Nov 15)
- Re: [PEN-TEST] [Re: MS SQL HACKING] krisk (Nov 15)
- <Possible follow-ups>
- Re: [PEN-TEST] [Re: MS SQL HACKING] Fernando Cardoso (Nov 16)
- Re: [PEN-TEST] [Re: MS SQL HACKING] krisk (Nov 17)
- Re: [PEN-TEST] [Re: MS SQL HACKING] Beauregard, Claude Q (Nov 20)
- Re: [PEN-TEST] [Re: MS SQL HACKING] Michael Owen (Nov 20)
- Re: [PEN-TEST] [Re: MS SQL HACKING] David LeBlanc (Nov 15)