Penetration Testing mailing list archives

Re: Offline sam dump?


From: "Erik Birkholz" <erik () foundstone com>
Date: Wed, 28 Jan 2004 19:09:51 -0800

Do you want to crack passwords or own the box? Your intentions are unclear. Are you limited to logical network access or
can you physically touch the server?  If so, are you doing a local host review?


---------------------------------------
(Msg from BlackBerry Wireless Handheld)
---------------------------------------
Erik Pace Birkholz - CISSP, MCSE
Foundstone, Inc.
Strategic Security

Read Special Ops and mount an assault to eradicate network negligence today. www.SpecialOpsSeries.com

[Tel] 949.297.5591
[Cel] 323.252.5916
[Fax] 949.297.5575
[pgp] https://www.foundstone.com/pgpkeys/erik-birkholz.asc

-----Original Message-----
From: Mark Melonson <markmelonson () hotmail com>
To: pen-test () securityfocus com <pen-test () securityfocus com>
Sent: Tue Jan 27 17:33:32 2004
Subject: Offline sam dump?

Greetings,

I'm conducting a small scale pen-test for a client... I have conducted a 
remote assessment and am now starting on internal testing. They are using 
fully patched Win2k Pro boxes, with WinXPs scattered amongst the network 
(Win2k Servers). I know about pwdump2-3e, but need to dump the SAM without a 
local Admin account. I have used the Linux bootdisk method to rewrite the 
hash, but I need something to use with John. Thanx...

-BlindTechie
