Penetration Testing mailing list archives

Re: [PEN-TEST] NT Password Cracking


From: "Beauregard, Claude Q" <CQBeauregard () AAAMICHIGAN COM>
Date: Thu, 30 Nov 2000 15:29:35 -0500

Yeah, the only problem is that I have to be local on the server. I'm going
to try putting VNC on the server to see if I can execute it using Hyena.

-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM] On Behalf Of Ryan Russell
Sent: Thursday, November 30, 2000 1:18 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] NT Password Cracking


On Wed, 29 Nov 2000, Beauregard, Claude Q wrote:

Question: I used L0phtcrack to download the hashes from the registry of
an NT server. The password hashes are Syskeyed so L0phtcrack isn't going to
work (I believe I'm correct on this). I don't have direct access to the NT
server the hashes were downloaded from. Is there a way to save the hashes to
a file and run the file through another utility that will decrypt the
hashes?


I'm not aware of any work that has been done on attacking the syskey
crypto algorithms.  There is a newer version of pwdump that will get the
real hashes if you've got a way to go back to the machine to get another
dump.

                                        Ryan

