Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Password Audit

From: Chao Mu <chao.mu () minorcrash com>
Date: Tue, 7 Dec 2010 17:01:45 -0500
I'd like to see if there is a quicker way to do this. Currently I login to
the DC's, run pwdump6, pull the output to one of my servers, and then run it
through ophcrack.....and then manually make a report for the client.
--Chris


fgdump (http://www.foofus.net/~fizzgig/fgdump/fgdump-usage.htm) will
allow you to conduct the process remotely. What you're trying to do is
documented here:
http://packratstudios.com/index.php/2008/02/27/how-to-recover-a-windows-domain-account-password/

On Tue, Dec 7, 2010 at 1:15 PM, chris serafin <chrisserafin () gmail com> wrote:

I'd like to see if there is a quicker way to do this. Currently I login to
the DC's, run pwdump6, pull the output to one of my servers, and then run it
through ophcrack.....and then manually make a report for the client.
--Chris

On Tue, Dec 7, 2010 at 8:14 AM, Peter Fraser <petros.fraser () gmail com>
wrote:


Hi All
I want to do a password audit on my network to make sure users are
using fairly complex passwords. Is there a way I can do that in
Metasploit? I wasn't able to find the info I needed so far so even a
link to where I can find the info would be much appreciated.

Thanks.
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: