Penetration Testing mailing list archives
RE: Windows 2003 - Dumping Service Passwords
From: Larry Seltzer <Larry () larryseltzer com>
Date: Fri, 24 Nov 2006 06:35:21 -0500
If you have an account on the server then you can use Cain on your
local Windows machine to install the backdoor service Abel onto the server via SMB, which will then let you dump the LSA Secrets and NT Hashes. Doesn't this require Domain Administrator privileges? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine larryseltzer () ziffdavis com ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- RE: Windows 2003 - Dumping Service Passwords, (continued)
- RE: Windows 2003 - Dumping Service Passwords Goran Pizent (Nov 24)
- RE: Windows 2003 - Dumping Service Passwords Jessie Ling XX (MC/EPA) (Nov 26)
- RE: Windows 2003 - Dumping Service Passwords Goran Pizent (Nov 27)
- RE: Windows 2003 - Dumping Service Passwords Jon Westcott (Nov 27)
- RE: Windows 2003 - Dumping Service Passwords John Babio (Nov 29)
- Re: Windows 2003 - Dumping Service Passwords Jeremy Saintot (Nov 24)
- Re: Windows 2003 - Dumping Service Passwords Spam (Nov 24)
- Re: Windows 2003 - Dumping Service Passwords Jerome Athias (Nov 24)
- RE: Windows 2003 - Dumping Service Passwords Maher Odeh (Nov 24)
- Re: Windows 2003 - Dumping Service Passwords one2 (Nov 24)
- RE: Windows 2003 - Dumping Service Passwords Larry Seltzer (Nov 24)
- RE: Windows 2003 - Dumping Service Passwords Scott Ramsdell (Nov 24)