Re: cracking Y2k DC Admin password

From: s-williams@nyc.rr.com
Date: Mon Sep 25 2006 - 15:38:41 EDT

• Next message: ankur jindal: "Re: Ethical Hacking online course"
• Previous message: Collin R. Mulliner: "Re: Bluetooth Wireless Keyboards"
• In reply to: okrehel@loews.com: "Re: cracking Y2k DC Admin password"
• Next in thread: Devin Ertel: "Re: cracking Y2k DC Admin password"
• Reply: Devin Ertel: "Re: cracking Y2k DC Admin password"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Or if you go to the %systemroot%repair in that folder you should see a backup of the sam and the system file feed that to lcp, saminside, lc5, anyone and you have your passwords.
Sent via BlackBerry from T-Mobile

-----Original Message-----
From: okrehel@loews.com
Date: Mon, 25 Sep 2006 11:20:46
To:juanbabi@yahoo.com
Cc:listbounce@securityfocus.com, pen-test@securityfocus.com
Subject: Re: cracking Y2k DC Admin password

try

- rescue in windows folder and backup sam file from it, it has admin
credentials, johny the riper, LC, and ophcrack will do the job - with hash
tables....
- use cachedump to dump cached credentials on that server, maybe admin was
signed on (default is 5 accounts cached)
- use lsadump2 to dump passwords of running services, maybe some of them is
running with the local admin credentials

Ondrej Krehel, CISSP, CEH

                                                                           
             juanbabi@yahoo.co
             m
             Sent by: To
             listbounce@securi pen-test@securityfocus.com
             tyfocus.com cc
                                                                           
                                                                   Subject
             09/22/2006 08:45 cracking Y2k DC Admin password
             PM
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           

Hi,

for a pen test in doing I got control on the server and logged as the local
admin. know I need to retrive the admin's password this is the goal of the
pen test from the client side. I know an easy way to crack the sam file
with a live linux cd but I cant boot the server it needs to be allways up.
I tried to use pwdump.exe but it tells me he cand find the local ADMIN$
shere. so it wont work.does someone knows a good way to retrive and crack
the admin's password.I an really stuck on this...

thanks very much !

Juan

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW

------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: ankur jindal: "Re: Ethical Hacking online course"
• Previous message: Collin R. Mulliner: "Re: Bluetooth Wireless Keyboards"
• In reply to: okrehel@loews.com: "Re: cracking Y2k DC Admin password"
• Next in thread: Devin Ertel: "Re: cracking Y2k DC Admin password"
• Reply: Devin Ertel: "Re: cracking Y2k DC Admin password"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:01 EDT