Penetration Testing mailing list archives
RE: Password audits
From: "Isaac Van Name" <ivanname () southerlandsleep com>
Date: Wed, 25 Oct 2006 11:00:25 -0500
To get around the risk of crashing LSASS, I'd perform a Windows backup of the Windows directory and look for the backup SAM file in the Windows/Repair folder. As seems to be expected on mailing lists, here's a link: http://www.infowar.com/forums/showthread.php?threadid=6886 Enjoy. Isaac Van Name Systems Administrator Southerland, Inc. ivanname () southerlandsleep com "What good would you do with an ignorant employee? Ignorance is grounds for dismissal..." - Mario Spinthiras Open Source developing at its finest: "Written in vim, W3C valid and UTF-8 encoded, for her pleasure." Disclaimer: This email is intended only to be used to feign intellectual mastery of a subject or superhuman command of the English language, when profanity is involved. By reading this email, you are agreeing to cease all correspondence with the sender upon realizing your own ignorance, and furthermore to refrain from taking legal action against said sender when your compounding ignorance crushes your inadequate self-esteem. Have a nice day. Original> -----Original Message----- Original> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] Original> On Behalf Of xelerated Original> Sent: Monday, October 23, 2006 7:01 AM Original> To: pen-test () securityfocus com Original> Subject: Password audits Original> Original> I have been given the task of doing a password audit. Original> No problem, except I can use pwdump for the slight risk of Original> having to reboot a DC. Original> Original> I know there are many ways to get a pw dump from a DC but my question Original> is this. Original> What is the safest way to get that, so that you dont risk having a DC Original> need to reboot Original> or have to install software on the DC? Original> Original> In the past I have used pwdump, different versions, and usually i Original> didnt have to reboot the box, but there was that rare occasion that Original> that it made lsass puke and had to be rebooted. Original> Original> Thanks in advance for your input. Original> Original> Chris Original> Original> ------------------------------------------------------------------------ Original> This List Sponsored by: Cenzic Original> Original> Need to secure your web apps? Original> Cenzic Hailstorm finds vulnerabilities fast. Original> Click the link to buy it, try it or download Hailstorm for FREE. Original> http://www.cenzic.com/products_services/download_hailstorm.php?camp Original> =701600000008bOW Original> ------------------------------------------------------------------------ Original> ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Password audits xelerated (Oct 24)
- Re: Password audits pand0ra (Oct 24)
- Re: Password audits shaun (Oct 24)
- RE: Password audits Paul Melson (Oct 25)
- RE: Password audits Isaac Van Name (Oct 25)
- Re: Password audits Lanny Trager (Oct 26)
- <Possible follow-ups>
- RE: Password audits Scott Ramsdell (Oct 25)