Penetration Testing mailing list archives
RE: Password cracking / recovery Lotus Notes R6
From: "Miguel Dilaj" <Miguel.Dilaj () nccgroup com>
Date: Fri, 25 Nov 2005 16:21:23 -0000
Hi Richard, Having access to the box it should be trivial to obtain a copy of the names.nsf and bypass the ACLs (see for techniques on that), or if you've ANY valid user login into Notes and create a COPY (not replica) that will get rid of the ACL anyway. Then get you a copy of Lepton's Crack, and adapt the LotusScript in the readme to incorporate it into your copy of names.nsf and dump all HTTP hashes. If HTTP hashes in the old R4 format are there those can be cracked with Lepton's Crack. Even if Domino is not used perhaps the password is the same for Notes. In regards to Notes itself, its security is pretty good. Basically authentication is like PKI, where you've the ID file for each user that contains the public portion and the private portion encrypted using the user's passphrase... You can still attack (dictionary/bruteforce) ID files, there're a couple programs out there for that purpose. Cheers, Miguel -----Original Message----- From: Richard Zaluski [mailto:rzaluski () ivolution ca] Sent: 25 November 2005 13:38 To: pen-test () securityfocus com Subject: Password cracking / recovery Lotus Notes R6 Hello, Currently I am working with a client to gain access to a Lotus Notes R6 (running on NT) database. We have full access to the box and need to penetrate the passwords on the data bases. Does anyone have tools or techniques they can suggest to achieve this goal? Thanks.... Richard Zaluski CISO, Security and Infrastructure Services iVOLUTION Technologies Incorporated 905.309.1911 866.601.4678 www.ivolution.ca rzaluski () ivolution ca ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- Miguel Dilaj Pen Test Consultant NCC Group Manchester Technology Centre, Oxford Road, Manchester, M1 7EF Tel: +44 (0)161 209 5459 Mobile: +44 (0)7811 352 848 Fax: +44 (0)161 209 5400 eMail: Miguel.Dilaj () nccgroup com website: www.nccgroup.com *********************************************************************************************************** DISCLAIMER: This e-mail contains proprietary information, some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you may not use, disclose, distribute, copy, print or rely on this e-mail. *********************************************************************************************************** ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Password cracking / recovery Lotus Notes R6, (continued)
- Re: Password cracking / recovery Lotus Notes R6 AdamT (Nov 25)
- Re: Password cracking / recovery Lotus Notes R6 Peter Wood (Nov 25)
- Re: Password cracking / recovery Lotus Notes R6 Francisco Pecorella (Nov 25)
- Re: Password cracking / recovery Lotus Notes R6 dawn (Nov 25)
- Re: Password cracking / recovery Lotus Notes R6 Joachim Schipper (Nov 25)
- Re: Password cracking / recovery Lotus Notes R6 Francois Labreque (Nov 28)
- Re: Password cracking / recovery Lotus Notes R6 AdamT (Nov 28)
- Re: Password cracking / recovery Lotus Notes R6 Joachim Schipper (Nov 28)
- RE: Password cracking / recovery Lotus Notes R6 Richard Zaluski (Nov 28)
- Re: Password cracking / recovery Lotus Notes R6 Francois Labreque (Nov 28)
- Re: Password cracking / recovery Lotus Notes R6 thomas springer (Nov 28)
- RE: Password cracking / recovery Lotus Notes R6 Miguel Dilaj (Nov 25)
- Re: Password cracking / recovery Lotus Notes R6 Simon Marechal (Nov 28)