Re: Re: Password Crack an OU in Windows 2003

From: ben.dexter@act.gov.au
Date: Wed Oct 10 2007 - 02:44:50 EDT

Next message: Alexander Bondarenko: "Re: Running metasploit thru proxytunnel"
Previous message: Danux: "Re: SQL Injection- Bypassing magic_quotes"
Maybe in reply to: Jan Heisterkamp: "Re: Password Crack an OU in Windows 2003"
Next in thread: Thor (Hammer of God): "RE: Password Crack an OU in Windows 2003"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) No you don't. However, the main issue appears to be cracking a limited subset of the AD database.

Michael, assuming you have been able to dump the username/hashes from a DC to a file could you just get a listing of the appropriate users (net group? I'm going on a leap of faith that they will all have at least one group in common as they are all in the same OU, or use Hyena etc) and filter out all of the other username/hashes prior to cracking?

Ben.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Next message: Alexander Bondarenko: "Re: Running metasploit thru proxytunnel"
Previous message: Danux: "Re: SQL Injection- Bypassing magic_quotes"
Maybe in reply to: Jan Heisterkamp: "Re: Password Crack an OU in Windows 2003"
Next in thread: Thor (Hammer of God): "RE: Password Crack an OU in Windows 2003"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:09 EDT