Penetration Testing mailing list archives
Re: Password Audit (AD Domain hashes)
From: ThoughtCancer <thoughtcancer () gmail com>
Date: Fri, 4 Jun 2010 22:50:56 -0700
Hi Josh, I regularly use pwdumpx to pull AD hashes and I love it as an audit tool. I don't necessarily focus on the contents of ntds.dit as much as a full hash rip with integrity, no matter how that comes. Of course, you have to have rooted AD to fully use pwdumpx but that's a given as you either have the credentials already or gained root during the blind portion of the test. That said, pwdumpx imports nicely into cain where your RT's can dig into them. I've tried a few other tools but by far pwdumpx is my favorite on Windows systems. If you need a copy, I can point you in the right direction as well. -TC On Jun 3, 2010, at 8:24 AM, Josh_smith wrote:
Hi Guys, I have just searched the old threads around password audits/auditing, and it seems most have only focused on SAM dumps for local accounts. I wanted to audit the hashes for AD domain member accounts that from my research live in ntds.dit (not seen much info on the structure of this file). Are there any tools that dump hashes from the AD Database ntds.dit so I can import them into Cain/John/Ophcrack etc? PwdumpX sounded promising but havent got a working copy and cannot find a download for it. I have used Pwdump7 which is great but it only extracts data from SAM/SYSTEM registry hives and isnt suitable for domain hashes in ntds.dit, however I havent heard of any tool to get them... Look forward to any replies as I am sure people have audited domain passwords as opposed to local passwords? Best Regards, Josh -- View this message in context: http://old.nabble.com/Password-Audit-%28AD-Domain-hashes%29-tp28769030p28769030.html Sent from the Penetration Testing mailing list archive at Nabble.com. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Password Audit (AD Domain hashes) Josh_smith (Jun 03)
- Re: Password Audit (AD Domain hashes) Juan Pablo Perez Etchegoyen (Jun 08)
- RE: Password Audit (AD Domain hashes) Kevin Short (Jun 08)
- Re: Password Audit (AD Domain hashes) Jeff Testman (Jun 08)
- Re: Password Audit (AD Domain hashes) Mike Duncan (Jun 08)
- Re: Password Audit (AD Domain hashes) Jeff Testman (Jun 08)
- Re: Password Audit (AD Domain hashes) Mike Duncan (Jun 08)
- Re: Password Audit (AD Domain hashes) ThoughtCancer (Jun 08)
- RE: Password Audit (AD Domain hashes) Paul Melson (Jun 08)