Penetration Testing mailing list archives

RE: Offline NT/2000 Registry & Password Editor

From: Frank Knobbe <FKnobbe () KnobbeITS com>
Date: Mon, 11 Jun 2001 15:16:39 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

-----Original Message-----
From: Hostfarm Security [mailto:security.lists () hostfarm net]
Sent: Monday, June 11, 2001 7:43 AM

Anyone else use this utility instead of trying to lookup the 
passwords with
L0phtCrack?

http://home.eunet.no/~pnordahl/ntpasswd/



Yup. It's a great tool. Requires physical access though. And a word
of caution: If SysKey was enabled on the server, it will remove
SysKey, and with it all other passwords. So, if you need to grab an
account from a production server, and SysKey is enabled and you don't
want to reset a gazillion accounts, use l0phtcrack instead. If there
are only a few local machine accounts (for services), this Linux boot
disk can save the day quickly.

Regards,
Frank


-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.

iQA/AwUBOyUnJ5ytSsEygtEFEQL0FACcDKshdoRiyU6RAbWODLVo+6NV0FIAnAyZ
g2UYE+BIfBCuhPipHFLUkuOE
=P0l1
-----END PGP SIGNATURE-----

Current thread:

RE: Offline NT/2000 Registry & Password Editor Frank Knobbe (Jun 11)
- <Possible follow-ups>
- RE: Offline NT/2000 Registry & Password Editor Brewis, Mark (Jun 12)