Penetration Testing mailing list archives
Re: forgotten admin password
From: Teh Fizzgig <fizzgig () foofus net>
Date: Fri, 20 Apr 2007 09:16:18 -0500
cesar montano wrote:
mates, need your inputs badly. we have w2k3 server with a newly installed application ... unfortunately, the system staff who's in-charge for that server has forgotten the admin password he inputted in the last few weeks. any idea on how to recover it or other way to login on that server?
You could run something like Locksmith (does that run on W2K3? It's been awhile since I used it). That's the easiest, but not as much fun as the other solutions. :) Otherwise, what other sorts of services are running on it? Has it been recently patched? If it's behind in patching, exploit it using your favorite vuln o'the day (like the recent DNS vulnerability perhaps) in Metasploit, Canvas, etc. If you've got old BackupExec on it, that too is sometimes vulnerable. Many of these exploits allow you to run as System, which means you can dump the passwords and crack them. Besides, it's kind of fun and liberating breaking into your own boxes. If SQL Server is installed on the box, it's quite possible someone left an easy sa password on it, which also might mean you can execute tasks as system via xp_cmdshell. Just like vuln exploiting, dump the passwords and crack them appropriately. Admittedly, these paths are overkill, but as I said, they are more fun than simply rebooting with Locksmith or something. :) After all, this is pen-test. --f ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Re: forgotten admin password, (continued)
- Re: forgotten admin password Sec Melis (Apr 20)
- Re: forgotten admin password Liudvikas Jablonskas (Apr 20)
- RE: forgotten admin password Ali Akbar (Apr 20)
- Re: forgotten admin password Eric Snyder (Apr 20)
- Re: forgotten admin password Hans-J. Ullrich (Apr 20)
- Re: forgotten admin password Johan Mellberg (Apr 20)
- RE: forgotten admin password Andy Swenson (Apr 20)
- RE: forgotten admin password Nick Vaernhoej (Apr 20)
- RE: forgotten admin password Seth P. Low (Apr 28)
- RE: forgotten admin password Ricardo Landrau (Apr 20)
- Re: forgotten admin password Teh Fizzgig (Apr 20)
- Re: forgotten admin password Francois Yang (Apr 20)
- RE: forgotten admin password Hanuszczak Mariusz (Apr 20)
- Re: forgotten admin password Thor (Hammer of God) (Apr 20)