RE: Windows 2003 - Dumping Service Passwords

From: Larry Seltzer (Larry@larryseltzer.com)
Date: Fri Nov 24 2006 - 06:35:21 EST

• Next message: Faheem SIDDIQUI: "Generating awareness amongst IT staff"
• Previous message: Goran Pizent: "RE: Windows 2003 - Dumping Service Passwords"
• In reply to: one2@onetwo.com: "Re: Windows 2003 - Dumping Service Passwords"
• Next in thread: Jerome Athias: "Re: Windows 2003 - Dumping Service Passwords"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>>If you have an account on the server then you can use Cain on your
local Windows machine to install the backdoor service Abel onto the
server via SMB, which will then let you dump the LSA Secrets and NT
Hashes.

Doesn't this require Domain Administrator privileges?

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.eweek.com/blogs/larry%5Fseltzer/
Contributing Editor, PC Magazine
larryseltzer@ziffdavis.com

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Faheem SIDDIQUI: "Generating awareness amongst IT staff"
• Previous message: Goran Pizent: "RE: Windows 2003 - Dumping Service Passwords"
• In reply to: one2@onetwo.com: "Re: Windows 2003 - Dumping Service Passwords"
• Next in thread: Jerome Athias: "Re: Windows 2003 - Dumping Service Passwords"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:21 EDT