Penetration Testing mailing list archives
RE: Password Crack an OU in Windows 2003
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Wed, 10 Oct 2007 08:26:17 -0700
That's only if SYSKEY has been enabled and the admin has chosen to store the key on a floppy. To answer the OP's question though, I've never seen any tool that tries to match up an account with a particular OU. AFA storage of an account in directory services is concerned, the OU doesn't matter- it's just a reference pointer. Since you'll have to be an admin to get to the SAM/AD password hashes anyway, just dump them all and remove the other accounts you are "not authorized" to crack before cracking them. Easy enough ;) t -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Jan Heisterkamp Sent: Tuesday, October 09, 2007 10:35 AM To: Matthew Webster; pen-test () securityfocus com Subject: Re: Password Crack an OU in Windows 2003 Matthew Webster schrieb:
Hello, I"m trying to find a way to password crack all the accounts in one OU within a Windows 2003 domain. I am not authorized to password crack outside of that OU. I've used a few tools in the past for password cracking, but none were specific enough to run on a specific OU. Does anyone have any suggestions?
"To **crack passwords in the AD-database, the attacker needs physical access to both the Active Directory database and the floppy disk with the system key". Is this given? saludos Jan ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Password Crack an OU in Windows 2003 Matthew Webster (Oct 09)
- Re: Password Crack an OU in Windows 2003 Jan Heisterkamp (Oct 09)
- RE: Password Crack an OU in Windows 2003 Thor (Hammer of God) (Oct 10)
- <Possible follow-ups>
- Re: Re: Password Crack an OU in Windows 2003 ben . dexter (Oct 10)
- Re: Re: Password Crack an OU in Windows 2003 Matthew Webster (Oct 10)
- Re: Re: Password Crack an OU in Windows 2003 jfvanmeter (Oct 11)
- Re: Password Crack an OU in Windows 2003 Jan Heisterkamp (Oct 09)