Penetration Testing mailing list archives
Re: cracking Y2k DC Admin password
From: s-williams () nyc rr com
Date: Mon, 25 Sep 2006 19:38:41 +0000
Or if you go to the %systemroot%repair in that folder you should see a backup of the sam and the system file feed that
to lcp, saminside, lc5, anyone and you have your passwords.
Sent via BlackBerry from T-Mobile
-----Original Message-----
From: okrehel () loews com
Date: Mon, 25 Sep 2006 11:20:46
To:juanbabi () yahoo com
Cc:listbounce () securityfocus com, pen-test () securityfocus com
Subject: Re: cracking Y2k DC Admin password
try
- rescue in windows folder and backup sam file from it, it has admin
credentials, johny the riper, LC, and ophcrack will do the job - with hash
tables....
- use cachedump to dump cached credentials on that server, maybe admin was
signed on (default is 5 accounts cached)
- use lsadump2 to dump passwords of running services, maybe some of them is
running with the local admin credentials
Ondrej Krehel, CISSP, CEH
juanbabi () yahoo co
m
Sent by: To
listbounce@securi pen-test () securityfocus com
tyfocus.com cc
Subject
09/22/2006 08:45 cracking Y2k DC Admin password
PM
Hi,
for a pen test in doing I got control on the server and logged as the local
admin. know I need to retrive the admin's password this is the goal of the
pen test from the client side. I know an easy way to crack the sam file
with a live linux cd but I cant boot the server it needs to be allways up.
I tried to use pwdump.exe but it tells me he cand find the local ADMIN$
shere. so it wont work.does someone knows a good way to retrive and crack
the admin's password.I an really stuck on this...
thanks very much !
Juan
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Current thread:
- cracking Y2k DC Admin password juanbabi (Sep 23)
- RE: cracking Y2k DC Admin password Bud Gordon (Sep 24)
- Re: cracking Y2k DC Admin password s-williams (Sep 24)
- Re: cracking Y2k DC Admin password okrehel (Sep 25)
- Re: cracking Y2k DC Admin password s-williams (Sep 25)
- Re: cracking Y2k DC Admin password Devin Ertel (Sep 26)
- Re: cracking Y2k DC Admin password Hari Sekhon (Sep 27)
- Re: cracking Y2k DC Admin password Jerome Athias (Sep 27)
- Re: cracking Y2k DC Admin password Machiavel (Sep 27)
- Re: cracking Y2k DC Admin password Lee Lawson (Sep 28)
- Re: cracking Y2k DC Admin password s-williams (Sep 25)
- <Possible follow-ups>
- RE: cracking Y2k DC Admin password Shenk, Jerry A (Sep 24)
- RE: cracking Y2k DC Admin password Hiten Pankhania (Sep 25)
- Re: RE: cracking Y2k DC Admin password philippe (Sep 25)
- cracking Y2k DC Admin password Steve Armstrong (Sep 25)