Penetration Testing mailing list archives

Re: [PEN-TEST] Hard-coded passwords in WINNT directory?

From: William Salusky <saluskyw () EBALANCE COM>
Date: Mon, 27 Nov 2000 17:09:09 -0800

This is the result of running an rdisk /s to write repair files locally (for
secure storage in a central location) :)

-----Original Message-----
From: Plague, Grandmaster [mailto:GrandmastrPlague () AOL COM]
Sent: Monday, November 27, 2000 3:19 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Hard-coded passwords in WINNT directory?

In a recent pen-test,  I discovered a different configuration for where the
sam._ file may be. Instead of winnt/system32/repair/sam._ , this system had
it's sam._ file in winnt/repair/sam._  This was the first configuration I
had
seen like this. The sam._ files were intact. Just thought you might like to
give that a try.

Grandmaster Plague

Current thread:

[PEN-TEST] Hard-coded passwords in WINNT directory? Jonathan Wrathall (Nov 28)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Times Enemy (Nov 28)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Ryan Russell (Nov 28)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Tom Vandepoel (Nov 29)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Kris Carlier (Nov 29)
- <Possible follow-ups>
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Plague, Grandmaster (Nov 28)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? William Salusky (Nov 28)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Loschiavo, Dave (Nov 29)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Davidson,Sam (Nov 29)
  - Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Erik "the Style" Pace (Nov 29)
  - Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Andreas Junestam (Nov 30)
- Re: [PEN-TEST] Hard-coded passwords in WINNT directory? Loschiavo, Dave (Nov 29)