From: Spam (spam@drwetter.org)
Date: Thu Nov 23 2006 - 07:52:34 EST
Hi Jason,
there are several versions of pwdump out there and other tools like Cain
& Abel. A few months back however none of them wa able to dump the PWs
for 64Bit 2003, but none of them rebooted the server. Tested on 4 machines.
Cheers,
Dirk
Jason wrote:
> I am currently conducting a penetration test and have compromised a Windows 2003 server which is a domain member server and have admin privs. I have noticed the system has numerous services which are running through domain accounts and some of those accounts are domain admins.
>
> I understand the passwords for the services are stored in the LSA and I would like to dump them. I have tried lsadump2 and this just hangs and finally reboots the server. What other tools can I use on W2K3 to dump these passwords?
>
> I would prefer to use something that does not need to be installed with an installer and does not require the server to be rebooted if that is possible.
>
> Any help appreciated.
>
> J
-- Dirk Wetter, Dr. Wetter IT Consulting IT Security + Open Source http://drwetter.org Key fingerprint = 2AD6 BE0F 9863 C82D 21B3 64E5 C967 34D8 11B7 C62F ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:21 EDT