|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: AD password Auditing
From: Rochford, Paul (paul.rochford
hp.com)
Date: Sun Aug 07 2005 - 08:49:18 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
You used to get the SAM file off a running server by running rdisk /s-,
it will make a copy on the existing one. It's the copy of the SAM you
retrieve. Also not sure AD stores credentials in the same way as Classic
NT Domains, so you may be looking in the wrong place. Someone I'm sure
can verify this.
Kind Regards,
Paul Rochford
-----Original Message-----
From: Joe Traband [mailto:jtrabandtruarx.com]
Sent: Friday, August 05, 2005 8:36 PM
To: pen-testlists.securityfocus.com
Subject: Re: AD password Auditing
You are looking for the SAM file, but I'm sure you've found out that you
can't just copy the SAM file off a running machine. There are two ways
to get the SAM file.
1) Get the backed up SAM file (only can be done if a boot disk was made
with the right options selected) Or
2) Boot into some variant of Linux and get the SAM file
A good tutorial, with step-by-step instructions can be found at
http://www.irongeek.com/i.php?page=security/localsamcrack2
After you have the SAM file, you'll want to run John the Ripper or LC3
(LC5 if you have some money) against the file.
I have yet to find a way to copy the SAM file off a running server. If
anyone can do that, please let me know!
-Joe
-----Original Message-----
From: Lohan Spies [mailto:lohan.spiesifs-sa.co.za]
Sent: Friday, August 05, 2005 7:43 AM
To: 'pen-testsecurityfocus.com'
Subject: AD password Auditing
Hi there,
I want to know how can I copy the AD (Active Directory) database so that
I can run a password cracking tool against the accounts?
Could someone please point me in the right direction regarding the tools
to use and how to copy the db?
Thanks
------------------------------------------------------------------------
------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You
Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
------------------------------------------------------------------------
-------
------------------------------------------------------------------------
------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You
Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
------------------------------------------------------------------------
-------
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]