Metasploit mailing list archives

Simple script to swap hashes in SAM ..


From: John Nash <rootsecurityfreak () gmail com>
Date: Tue, 7 Sep 2010 14:48:13 +0530

Hello List,

While trying some post exploitation, one of the major issues I guess is to
log in to the system as a user over RDP.

We can do this in a couple of ways:


   1. create a new user <--- will create alarms
   2. change the password of existing user


In case of (2) I was wondering would it be possible to just swap the
existing hash with a new one (we know the password which hashes to this one)
.... then do all we need to on the remote system ....
then just replace the old hash for the original password back into the SAM.

Is there any reason why this should not be possible? If yes, a meterpreter
script could do this job very easily ....

Thoughts?

Rgds,

jn
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
