From: Goran Pizent (goran.pizent@ekobit.hr)
Date: Fri Nov 24 2006 - 03:59:35 EST
Yes, Cain and Abel is very good (one of the best if I may say), but as I
recall you have to install it on the machine and Jason prefer tool that does
not require installation.
GoranP
-----Original Message-----
From: Michael Wood [mailto:itnetsec@gmail.com]
Sent: Friday, November 24, 2006 9:51 AM
To: Goran Pizent
Cc: 'Jason'; pen-test@lists.securityfocus.com
Subject: Re: Windows 2003 - Dumping Service Passwords
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Goran Pizent wrote:
> Hello Jason,
>
> Try this one. http://www.nirsoft.net/utils/lsa_secrets_dump.html
>
>
> Hope that helps, GoranP
>
>
>
>
> -----Original Message----- From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of Jason Sent:
> Tuesday, November 21, 2006 1:19 PM To:
> pen-test@lists.securityfocus.com Subject: Windows 2003 - Dumping
> Service Passwords
>
> I am currently conducting a penetration test and have compromised a
> Windows 2003 server which is a domain member server and have admin
> privs. I have noticed the system has numerous services which are
> running through domain accounts and some of those accounts are
> domain admins.
>
> I understand the passwords for the services are stored in the LSA
> and I would like to dump them. I have tried lsadump2 and this just
> hangs and finally reboots the server. What other tools can I use on
> W2K3 to dump these passwords?
>
> I would prefer to use something that does not need to be installed
> with an installer and does not require the server to be rebooted if
> that is possible.
>
> Any help appreciated.
>
> J
>
>
>
>
____________________________________________________________________________
> ________ Sponsored Link
>
> Online degrees - find the right program to advance your career.
> www.nextag.com
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps? Cenzic Hailstorm finds
> vulnerabilities fast. Click the link to buy it, try it or download
> Hailstorm for FREE.
>
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
> 0008bOW
> ------------------------------------------------------------------------
>
>
>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps? Cenzic Hailstorm finds
> vulnerabilities fast. Click the link to buy it, try it or download
> Hailstorm for FREE.
>
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
>
>
> ------------------------------------------------------------------------
>
>
>
>
or try cain and abel http://www.oxid.it/cain.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
iQIVAwUBRWaygwvRrbv64EQ/AQqSfw//TEEIoDCMfYovMk1fdFQAggULEL17kJWg
jNGIU8PzvxecQFzuRALgshJt1TAqlggpoNM/R16cEzqDTqx04gjLjKNbToR7bmSP
0qv7ODrRIJQJXY2jUNu+3n/zPnd7YI1PBo2t1Cc07xW4SSv97G41FNichhupL/wZ
Ud/O36q1jTX8fnK3Ayft/BEKQn1rBA8JRklZ34jittc6lSy61aQ01Hw/pvXhlc6N
n/RYNeZyZe+L/9OPLpVAq/Bir4dfz0vpIpmVjHOOJFlX8p2QklAYqHzOutAh8a7+
tU72TFbM6LWxM5g052tVmhvgFcZKixPPdSpE8gVV1NW6UbYG94/Q0MWV9nYRg8+n
vH3yQIOv1zFbH0iEgt5+01pCr3lUe5qu5oUxsfKcrr8t7Pr3hLh14wDPCYmVw/Z8
hw0GzE5Jy29CE1g+P9K2U/s74WcHSFvtrV1SdfcTC5NG3Xmt+aHanZGM4wC7l0pz
qdX1su4pHM8jJ65rPJ8+V9lps80kz6qH2ipOAJL/KKot13l5cYxpNKiE3z22Z7H8
XAPJA6Vk3PDIh9CPPvaGpJo2sQ/NQRcxdZmsX72ifZo8iUE0xG1VyntWzUoR6mQI
NhYekP0uKqLspOLlH2uIZ3ML1IYCrEwq0V0bqwCqmNIZV28d7DR9ljd4u1UHK9RH
2jIiw9N7gSg=
=PZkB
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:21 EDT