From: Prashant Meswani (prashant.meswani@ukonline.co.uk)
Date: Thu Jun 30 2005 - 08:46:05 EDT
Try using pwdump2
(http://www.bindview.com/Services/RAZOR/Utilities/Windows/pwdump2_readme.cfm
). It's a useful tool that might help you.
Regards,
Prashant Meswani, CEH
The opinions expressed in this email are those of my own and does not
represent those of any organisation or associations to which I belong to
unless stated otherwise.
-----Original Message-----
From: nordicsmak@yahoo.com [mailto:nordicsmak@yahoo.com]
Sent: 28 June 2005 20:03
To: pen-test@securityfocus.com
Subject: Sam File via IIS flaw
During a recent penetration test I've discovered a flaw in the IIS server
that allows me to browse to and view any file on the system.
I'm able to browse to the /winnt/repair/sam file, but it obviously is
unusable in the format that's presented in the browser.
Any way to get this file in a format that can be used in L0pht?
Thanks,
Chris
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:30 EDT