RE: Where are Windows "Enforce password history" passwords stored?

From: Steve A (pen.test.mail@logicallysecure.org)
Date: Tue Aug 30 2005 - 17:31:06 EDT

• Next message: Michael Scheidell: "RE: Business justification for pentesting"
• Previous message: Adam Chesnutt: "Re: Business justification for pentesting"
• In reply to: Charles Gillman: "Where are Windows "Enforce password history" passwords stored?"
• Next in thread: totiebash@cox.net: "Re: Where are Windows "Enforce password history" passwords stored?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

CG

I asked the same question of NT4 a few years ago on the NTBugtraq list. Russ
did a good summary here
http://archives.neohapsis.com/archives/ntbugtraq/2003-q3/0033.html.

Steve Armstrong

Steve @ logicallysecure.org

-----Original Message-----
From: Charles Gillman [mailto:charles.gillman@gmail.com]
Sent: 29 August 2005 02:14
To: pen-test@securityfocus.com
Subject: Where are Windows "Enforce password history" passwords stored?

Can anyone tell me where the "remembered" passwords are stored when the
"Enforce password history" is set in Group Policy?

If this setting is set to its maximum value of 24 then I would expect 24
password hashes are stored for each account for the setting to work. But
where?

More importantly are there any tools/techniques for accessing the
"remembered" passwords?

Thanks
CG

• Next message: Michael Scheidell: "RE: Business justification for pentesting"
• Previous message: Adam Chesnutt: "Re: Business justification for pentesting"
• In reply to: Charles Gillman: "Where are Windows "Enforce password history" passwords stored?"
• Next in thread: totiebash@cox.net: "Re: Where are Windows "Enforce password history" passwords stored?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:48 EDT