Re: Password Audit (AD Domain hashes)

[Mike Duncan <Mike.Duncan () noaa gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Looks like FooFus is having some issues. The website was down when I
last tried. Is there another place to look over thread archives for this
list?

Thanks.

Mike Duncan
ISSO, Application Security Specialist
Government Contractor with STG, Inc.
NOAA :: National Climatic Data Center


On 06/03/2010 04:34 PM, Jeff Testman wrote:
> Josh,
>
> As another resource you may want to jump over to the
> foofus-tools-request () lists foofus net list and ask.  A lot of info
> concerning pwdump6 and large AD domains was covered the last few
> weeks.
>
> - Jeff
>
> On Thu, Jun 3, 2010 at 10:24 AM, Josh_smith <pentestuk__ () hotmail co uk> wrote:
> > Hi Guys,
> >
> > I have just searched the old threads around password audits/auditing, and it
> > seems most have only focused on SAM dumps for local accounts. I wanted to
> > audit the hashes for AD domain member accounts that from my research live in
> > ntds.dit (not seen much info on the structure of this file). Are there any
> > tools that dump hashes from the AD Database ntds.dit so I can import them
> > into Cain/John/Ophcrack etc? PwdumpX sounded promising but havent got a
> > working copy and cannot find a download for it. I have used Pwdump7 which is
> > great but it only extracts data from SAM/SYSTEM registry hives and isnt
> > suitable for domain hashes in ntds.dit, however I havent heard of any tool
> > to get them...
> >
> > Look forward to any replies as I am sure people have audited domain
> > passwords as opposed to local passwords?
> >
> > Best Regards,
> >
> > Josh
> > --
> > View this message in context: http://old.nabble.com/Password-Audit-%28AD-Domain-hashes%29-tp28769030p28769030.html
> > Sent from the Penetration Testing mailing list archive at Nabble.com.
> >
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Information Assurance Certification Review Board
> >
> > Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> > and CEPT certs require a full practical examination in order to become certified.
> >
> > http://www.iacertification.org
> > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified. 
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwOc9cACgkQnvIkv6fg9hYh6wCgh8yk6mgoTb874spnxwdg3Zim
PD8AnRQ8BGdU3Ge4IpqWzg6hu8tUQCO/
=IY5p
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------