Re: Windows XP / 2K3 Default Users

From: Machiavel (pierreluc.giguere@gmail.com)
Date: Sat Oct 28 2006 - 17:15:43 EDT

• Next message: crazy frog crazy frog: "Re: How do you monetize your skills?"
• Previous message: ml01: "Re: l0phtcrack"
• Maybe in reply to: s-williams@nyc.rr.com: "Windows XP / 2K3 Default Users"
• Next in thread: pand0ra: "Re: Windows XP / 2K3 Default Users"
• Reply: pand0ra: "Re: Windows XP / 2K3 Default Users"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi list,

That brings another question. Guys, what is your source for rainbow
tables. I mean are you generating them or you just downloaded them
somwhere.

Mines are still generating :)

Thanks

--
Machiavel
On 10/26/06, ep <captgoodnight@hotmail.com> wrote:
> I crack these routinely when pentesting/playing, granted, it's by pushing
> the sam through rainbow tables, thus admin access...
> Basically, any sam once in hand, is cracked these days via rainbowtables.
> There're ways to prevent this from happening, but most admins don't go that
> extra step...
>
> --cg
>
> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
> Behalf Of Joey Peloquin
> Sent: Wednesday, October 25, 2006 12:38 PM
> To: s-williams@nyc.rr.com; Pen-Testing
> Subject: Re: Windows XP / 2K3 Default Users
>
> s-williams@nyc.rr.com wrote:
> > Hello list this might be an easy question to answer but have anyone
> >been sucessful in using windows built in default accounts when doing a
> >password audit. I
> know  most
> >xp machines has (help assitant and support_xxxxxxxx). Is their a
> >default
> list out
> >there some where with various vendor OS  passwords, or a way to figure
> >out the password for these accounts.
> > Sent via BlackBerry from T-Mobile
>
> You can try to crack them through normal means, but it'd likely be a futile
> act since a) they are randomized and *extremely* complex (as far as I
> recall) and b) even my ~13 year old knows to restrict these accounts.  There
> are clueless admins out there though, so, *shrug*.
>
> -jp
>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
> 0008bOW
> ------------------------------------------------------------------------
>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: crazy frog crazy frog: "Re: How do you monetize your skills?"
• Previous message: ml01: "Re: l0phtcrack"
• Maybe in reply to: s-williams@nyc.rr.com: "Windows XP / 2K3 Default Users"
• Next in thread: pand0ra: "Re: Windows XP / 2K3 Default Users"
• Reply: pand0ra: "Re: Windows XP / 2K3 Default Users"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:15 EDT