From: dave kleiman (dave@isecureu.com)
Date: Tue Aug 30 2005 - 20:28:29 EDT
For Microsoft AD domain controller, the NTDS.dit file is the database you
are looking for.
The local SAM file is not going to store the AD users info.
________________________________________________________
Dave Kleiman, CAS, CIFI, CISM, CISSP, ISSAP, ISSMP, MCSE
www.SecurityBreachResponse.com www.ComputerForensicInvestigations.com
> -----Original Message-----
> From: Soluk, Kirk [mailto:kmsoluk@umich.edu]
> Sent: Monday, August 29, 2005 18:18
> To: Charles Gillman; pen-test@securityfocus.com
> Subject: RE: Where are Windows "Enforce password history"
> passwords stored?
>
> On a non-dc there stored in the SAM database (not sure where
> they are stored on a DC).
> Check out Lab 2.2 in this presentation
> http://www.citi.umich.edu/projects/itss/lectures/lecture-07.ppt
> The fifth slide (within Lab 2.2) points to the password history.
> /Kirk
>
> > -----Original Message-----
> > From: Charles Gillman [mailto:charles.gillman@gmail.com]
> > Sent: Sunday, August 28, 2005 9:14 PM
> > To: pen-test@securityfocus.com
> > Subject: Where are Windows "Enforce password history"
> > passwords stored?
> >
> > Can anyone tell me where the "remembered" passwords are stored when
> > the "Enforce password history" is set in Group Policy?
> >
> > If this setting is set to its maximum value of 24 then I
> would expect
> > 24 password hashes are stored for each account for the setting to
> > work. But where?
> >
> > More importantly are there any tools/techniques for accessing the
> > "remembered" passwords?
> >
> > Thanks
> > CG
> >
>
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:48 EDT