Metasploit mailing list archives
Re: Simple script to swap hashes in SAM ..
From: John Nash <rootsecurityfreak () gmail com>
Date: Wed, 8 Sep 2010 09:39:47 +0530
Daniel,

As I mentioned, I am aware I can create a new user or simply change the existing user's password. I was merely checking if there could be a 3rd novel way to solve this problem.

On Tue, Sep 7, 2010 at 10:45 PM, Daniel Clemens <daniel.clemens () packetninjas net> wrote:

> On Sep 7, 2010, at 4:18 AM, John Nash wrote:
>
>> Hello List,
>>
>> While trying some post exploitation, one of the major issues I guess is to login to the system as a user over RDP.
>
> Hrm. A screenshot seems to be worth a thousand words.
>
>> We can do this in a couple of ways:
>>
>> • create a new user <--- will create alarms
>
> Who really cares if it creates alarms. Seriously, 99% of the time the response time will be nominal and no one will respond, so why worry about it. If you have the ability to create accounts then it's most likely game over already and you've exploited what needs to be exploited to prove insecurity.
>
>> • change the password of existing user
>>
>> in case of (2) I was wondering would it be possible to just swap the existing hash with a new one (we know the password which hashes to this one) .... then do all we need to on the remote system .... then just replace the old hash for the original password back into the SAM.
>
> Or crack the hashes so you know the password.
>
>> Is there any reason why this should not be possible? If yes, a Meterpreter script could do this job very easily .... thoughts?
>
> It seems like you're asking the wrong questions. My rule of thumb with any assessment or engagement is to first assess if I am asking the wrong questions. If I'm asking the wrong questions I'll always get the wrong answers. Though this is a novel idea, I don't think it's that valuable in the long run.
>
> | Daniel Uriah Clemens | Packetninjas L.L.C | | http://www.packetninjas.net | c. 205.567.6850 | | o. 866.267.8851
> "Moments of sorrow are moments of sobriety"