From: okrehel@loews.com
Date: Mon Jan 03 2005 - 12:12:40 EST
If user runs any ms service under his domain credentials, lsadump2 will do
it. (dumps LSA secrets)
You probably want cashed domain credentials from pc, and pwdump only dumps
local SAM
database. Pwdump3 dumps remotely domain login credentials, but I think you
need to be at least
local admin on domain controller, or domain admin.
Cain and Abel will sniff it.
Ondrej
Geoffroy
Raimbault
<graimbault@lynx- To
technologies.com> "pen-test@securityfocus.com"
<pen-test@securityfocus.com>
01/03/2005 04:13 cc
AM
Subject
Re: pwdump 2 & 3
Take a look at this presentation from Jesper M. Johansson
"Windows Passwords: Everything You Need To Know"
http://202.181.238.2/hk/teched2004/ppt/Day_2_Rm402/WIN495(1500-1615).ppt
Some slides are about the logon credentials hashs.
Geoffroy
Guillaume Lavoix wrote:
>Hello,
>
>Does anyone knows if it is posible with pwdump to get the information
>About a logged on user.
>
>For instance, If I log on my computer, I use a domain logon, and when I
>execute pwdump I only see local user....
>
>Any idea ?
>
>Thanks for your help,
>
>Sincerely,
>Guillaume
>
>
>
>
-- Geoffroy Raimbault Consultant en Sécurité des Systèmes d'Information Lynx Technologies 28 rue Vignon 75009 Paris Tel: 01 43 12 99 10 http://www.lynx-technologies.com
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:11 EDT