| To: | Goran Pizent <goran.pizent@ekobit.hr> |
|---|---|
| Subject: | Re: Windows 2003 - Dumping Service Passwords |
| From: | Michael Wood <itnetsec@gmail.com> |
| Date: | Fri, 24 Nov 2006 03:51:16 -0500 |
| Cc: | 'Jason' <turbo4wd@yahoo.com>, pen-test@lists.securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Domainkey-signature: | a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:disposition-notification-to:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=G1Ze3YtGL7LM+qpZXWsyPSDFiMGXAqtQp1UE24RTc4tdvO7L0/FJufAswA/uxX3kYFLekBUwNqFF4V2YYy68fp9VHKi2S9X9Ccy2FNbZgtEcbhHvf3plPgRRUGPsJR4S9vQgduVqoea4uC6SDOBxrUcnfLB/cVcZVZF1mbAEcc0= |
| In-reply-to: | <002801c70e16$9a4c0090$5200a8c0@ekobit.hr> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Openpgp: | id=FAE0443F; url=pgp.mit.edu |
| References: | <002801c70e16$9a4c0090$5200a8c0@ekobit.hr> |
| Resent-date: | Fri, 24 Nov 2006 00:54:47 -0700 (MST) |
| Resent-from: | pen-test-return-1078483039@securityfocus.com |
| Resent-message-id: | <20061124075447.F3797236F63@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
| User-agent: | Thunderbird 2.0a1 (Windows/20060724) |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Goran Pizent wrote: > Hello Jason, > > Try this one. http://www.nirsoft.net/utils/lsa_secrets_dump.html > > > Hope that helps, GoranP > > > > > -----Original Message----- From: listbounce@securityfocus.com > [mailto:listbounce@securityfocus.com] On Behalf Of Jason Sent: > Tuesday, November 21, 2006 1:19 PM To: > pen-test@lists.securityfocus.com Subject: Windows 2003 - Dumping > Service Passwords > > I am currently conducting a penetration test and have compromised a > Windows 2003 server which is a domain member server and have admin > privs. I have noticed the system has numerous services which are > running through domain accounts and some of those accounts are > domain admins. > > I understand the passwords for the services are stored in the LSA > and I would like to dump them. I have tried lsadump2 and this just > hangs and finally reboots the server. What other tools can I use on > W2K3 to dump these passwords? > > I would prefer to use something that does not need to be installed > with an installer and does not require the server to be rebooted if > that is possible. > > Any help appreciated. > > J > > > > ____________________________________________________________________________ > ________ Sponsored Link > > Online degrees - find the right program to advance your career. > www.nextag.com > > ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Need to secure your web apps? Cenzic Hailstorm finds > vulnerabilities fast. Click the link to buy it, try it or download > Hailstorm for FREE. > http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000 > 0008bOW > ------------------------------------------------------------------------ > > > > > > ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Need to secure your web apps? Cenzic Hailstorm finds > vulnerabilities fast. Click the link to buy it, try it or download > Hailstorm for FREE. > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW > > > ------------------------------------------------------------------------ > > > > or try cain and abel http://www.oxid.it/cain.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (MingW32) iQIVAwUBRWaygwvRrbv64EQ/AQqSfw//TEEIoDCMfYovMk1fdFQAggULEL17kJWg jNGIU8PzvxecQFzuRALgshJt1TAqlggpoNM/R16cEzqDTqx04gjLjKNbToR7bmSP 0qv7ODrRIJQJXY2jUNu+3n/zPnd7YI1PBo2t1Cc07xW4SSv97G41FNichhupL/wZ Ud/O36q1jTX8fnK3Ayft/BEKQn1rBA8JRklZ34jittc6lSy61aQ01Hw/pvXhlc6N n/RYNeZyZe+L/9OPLpVAq/Bir4dfz0vpIpmVjHOOJFlX8p2QklAYqHzOutAh8a7+ tU72TFbM6LWxM5g052tVmhvgFcZKixPPdSpE8gVV1NW6UbYG94/Q0MWV9nYRg8+n vH3yQIOv1zFbH0iEgt5+01pCr3lUe5qu5oUxsfKcrr8t7Pr3hLh14wDPCYmVw/Z8 hw0GzE5Jy29CE1g+P9K2U/s74WcHSFvtrV1SdfcTC5NG3Xmt+aHanZGM4wC7l0pz qdX1su4pHM8jJ65rPJ8+V9lps80kz6qH2ipOAJL/KKot13l5cYxpNKiE3z22Z7H8 XAPJA6Vk3PDIh9CPPvaGpJo2sQ/NQRcxdZmsX72ifZo8iUE0xG1VyntWzUoR6mQI NhYekP0uKqLspOLlH2uIZ3ML1IYCrEwq0V0bqwCqmNIZV28d7DR9ljd4u1UHK9RH 2jIiw9N7gSg= =PZkB -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: dictionary files?, Michael Wood |
|---|---|
| Next by Date: | Re: Windows 2003 - Dumping Service Passwords, Spam |
| Previous by Thread: | RE: Windows 2003 - Dumping Service Passwords, Goran Pizent |
| Next by Thread: | RE: Windows 2003 - Dumping Service Passwords, Goran Pizent |
| Indexes: | [Date] [Thread] [Top] [All Lists] |