Penetration Testing mailing list archives
RE: Active Directory Pentest
From: "ragdelaed" <ragdelaed () gmail com>
Date: Wed, 30 May 2007 18:56:09 -0400
http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/Act iveDirectory/ActiveDirectorydatabasefileNTDS.DIT.html it's a file called %SystemRoot%\ntds\NTDS.DIT. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of s-williams () nyc rr com Sent: Wednesday, May 30, 2007 5:45 PM To: Ricardo Mourato; listbounce () securityfocus com; pen-test () securityfocus com Subject: Re: Active Directory Pentest Just to clarify you want to know where the users directory (as in OU) or the username and password storage location? If so you need to look for the sam file sometime this is backup in a storage drive before it is transferred to tape. Or just use an app like lcp if you have some can of access right? "A wise man ask questions, a fool is afraid of knowledge" -----Original Message----- From: Ricardo Mourato <ricardomcm () gmail com> Date: Wed, 30 May 2007 10:06:34 To:pen-test () securityfocus com Subject: Active Directory Pentest hi folks, in a costumer network where i'm doing a pentest, i found an Active Directory Server, this one also runs SQL server 2000 SP1, i've found that SQL server doenst have a password on the SA account, so it was easy to get in with NT/SYSTEM, but my question is, where is the AD users directory located? tnks in advice ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Active Directory Pentest Ricardo Mourato (May 30)
- Re: Active Directory Pentest s-williams (May 30)
- RE: Active Directory Pentest ragdelaed (May 30)
- Re: Active Directory Pentest AdamT (May 31)
- Re: Active Directory Pentest Ricardo Mourato (May 31)
- Re: Active Directory Pentest s-williams (May 30)