Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: cracking Y2k DC Admin password

from [killy] Network Security [Permanent Link]
Subject: Re: cracking Y2k DC Admin password
Date: Thu, 28 Sep 2006 16:24:58 -0400 
Hi Juan,

Try this.

If the Domain Admin has recently logged into the server, simply run 'dumpcache'.

If you have the Domain Admins hash, then you run John the Ripper or
Cain and Able to crack it.

Follow carefully,

with Cain program running, select cracker--> then highlight MS-cache
hashes --> then select the '+' sign.

this will dump ms-cache on your local pc.

now go into program files/cain and look for cache.lst. open it and
view the format of the captured hash.

compare it to the output of the dumpcahce program.

simply copy your dump cache into the cache.lst in the Cain format.

now open Cain and you will see your captured hash from the domain admin account.

Now you can either brute force it or use the Rainbow table option.


I hope that was clear. Sorry I am in a hurry.

feel free to contact me off line.

On 23 Sep 2006 00:45:03 -0000, juanbabi@yahoo.com <juanbabi@yahoo.com> wrote: 
Hi,


for a pen test in doing I got control on the server and logged as the local 
admin. know I need to retrive the admin's password this is the goal of the pen 
test from the client side. I know an easy way to crack the sam file with a live 
linux cd but I cant boot the server it needs to be allways up. I tried to use 
pwdump.exe but it tells me he cand find the local ADMIN$ shere. so it wont 
work.does someone knows a good way to retrive and crack the admin's password.I 
an really stuck on this...


thanks very much !

Juan

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------




--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Implication of forced http GET request (Web App PT), Marvin Simkin
Next by Date:  RE: XML File Inclusion and Path Traversal Attacks (was RE: XML Port Scanning), Mark Mcdonald
Previous by Thread:  Re: cracking Y2k DC Admin password, Lee Lawson
Next by Thread:  RE: cracking Y2k DC Admin password, Shenk, Jerry A
Indexes:  [Date] [Thread] [Top] [All Lists]