Penetration Testing mailing list archives

Re: [PEN-TEST] NT Passwors Cracking


From: Conor Crowley <conor_crowley () HOTMAIL COM>
Date: Wed, 29 Nov 2000 13:53:39 -0800

It would be much easier if you had physical access. (Even just a
walk-by/stick in a floppy in/hit reset/come back 3 minutes later/remove
floppy/hit reset)....or some way of loading alternate OS (script a quiet
install of remote control software..?, then using boot-magic/partition magic
& other OS, you could do this remotely, but make sure you test the hell out
of it!! otherwise you could easily end up with a hung machine. Also SYSKEY
has an option to require a floppy, which if enabled, is going to cause you
problems in the remote scenario).

Anyway, if this is possible, check http://home.eunet.no/~pnordahl/ntpasswd/

Otherwise http://razor.bindview.com/publish/advisories/adv_WinNT_syskey.html

..and find a good programmer.

..Conor



From: "Beauregard, Claude Q" <CQBeauregard () AAAMICHIGAN COM>
Reply-To: Penetration Testers <PEN-TEST () SECURITYFOCUS COM>
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] NT Passwors Cracking
Date: Wed, 29 Nov 2000 12:13:29 -0500

Question: I used L0phtcrack to download the hashes from the registry of
an NT server. The password hashes are Syskeyed so L0phtcrack isn't going to
work (I believe I'm correct on this). I don't have direct access to the NT
server the hashes were downloaded from. Is there a way to save the hashes to
a file and run the file through another utility that will decrypt the
hashes?

Thanks
C
