Re: Re: Password Crack an OU in Windows 2003

From: jfvanmeter@comcast.net
Date: Thu Oct 11 2007 - 03:08:20 EDT

• Next message: jond: "Re: Running metasploit thru proxytunnel"
• Previous message: lovewadhwa@secaudi.com: "Re: RE: false positive in Wikto Google Hacking"
• Maybe in reply to: Jan Heisterkamp: "Re: Password Crack an OU in Windows 2003"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Good Morning everyone, did you do that with domain admin rights or anonymously? There are group policy settings to restrict anonymous ldap queries of AD.

Take Care and Have Fun --John

 -------------- Original message ----------------------
From: Matthew Webster <awakenings@mindspring.com>
> Folks,
>
> I performed an LDAPquery and listed the users in the OU. I just used pwdump
> to collect all of the information from the domain then greped out the pertinent
> hashes.
>
> Thanks,
>
> Matt
>
> -----Original Message-----
> >From: ben.dexter@act.gov.au
> >Sent: Oct 10, 2007 2:44 AM
> >To: pen-test@securityfocus.com
> >Subject: Re: Re: Password Crack an OU in Windows 2003
> >
> >No you don't. However, the main issue appears to be cracking a limited subset
> of the AD database.
> >
> >Michael, assuming you have been able to dump the username/hashes from a DC to a
> file could you just get a listing of the appropriate users (net group? I'm going
> on a leap of faith that they will all have at least one group in common as they
> are all in the same OU, or use Hyena etc) and filter out all of the other
> username/hashes prior to cracking?
> >
> >Ben.
> >
> >------------------------------------------------------------------------
> >This list is sponsored by: Cenzic
> >
> >Need to secure your web apps NOW?
> >Cenzic finds more, "real" vulnerabilities fast.
> >Click to try it, buy it or download a solution FREE today!
> >
> >http://www.cenzic.com/downloads
> >------------------------------------------------------------------------
> >
>
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: jond: "Re: Running metasploit thru proxytunnel"
• Previous message: lovewadhwa@secaudi.com: "Re: RE: false positive in Wikto Google Hacking"
• Maybe in reply to: Jan Heisterkamp: "Re: Password Crack an OU in Windows 2003"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:09 EDT