Re: LophtCrack and SAM Passwd

To:	William Woodhams <William.Woodhams@wegmans.com>
Subject:	Re: LophtCrack and SAM Passwd
From:	jm <jm@hcn.com.au>
Date:	Thu, 21 Dec 2006 16:06:12 +1100
Cc:	pen-test@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
In-reply-to:	<69F15C0E359E384FB660D550512C6864262138@CRP865.wfm.wegmans.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<69F15C0E359E384FB660D550512C6864262138@CRP865.wfm.wegmans.com>
Resent-date:	Wed, 20 Dec 2006 22:16:20 -0700 (MST)
Resent-from:	pen-test-return-1078483300@securityfocus.com
Resent-message-id:	<20061221051620.372D823763C@outgoing3.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com
User-agent:	Thunderbird 1.5.0.8 (X11/20061109)

Hi Bill,

I'm not a lawyer, but first thing i'd be doing is taking an image of thedisk with dd or similar, and working on the image rather than theoriginal disk, otherwise its use as evidence might be compromised.


Cheers,

Jason

William Woodhams wrote:

I have a system that recently got hacked and the passwords on the
machine were compromised.  I want to get back into this system for
forensic reasons.  Unfortunately when I dumped the SAM file and tried
cracking it with LophtCrack nothing worked.  I ran it for a good 10
hours with no success on any account.  I was thinking maybe my word list
was not big enough.  So the questions are:

A.  Anyone have any good sources for large word lists?
B.  Any other application for cracking SAM's that I have not thought of?
I have ran it through a couple smaller security apps (names escape me at
the moment.)

Thanks,

Bill Woodhams

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Pen-testing - pricing model, (continued) Re: Pen-testing - pricing model, Clint Laskowski Re: Pen-testing - pricing model, Christine Kronberg Re: Pen-testing - pricing model, Davide Carnevali Re: Pen-testing - pricing model, Christine Kronberg Re: Pen-testing - pricing model, Davide Carnevali LophtCrack and SAM Passwd, William Woodhams Re: LophtCrack and SAM Passwd, Jerome Athias Re: LophtCrack and SAM Passwd, Justin Lintz Re: LophtCrack and SAM Passwd, killy Re: LophtCrack and SAM Passwd, Brendan Dolan-Gavitt Re: LophtCrack and SAM Passwd, jm <= Re: Pen-testing - pricing model, intel96 Re: Pen-testing - pricing model, Kish Pent Re: Pen-testing - pricing model, Sels, Roger Re: Pen-testing - pricing model, sami.ghourabi Re: Pen-testing - pricing model, crazy frog crazy frog Re: Pen-testing - pricing model, intel96 Re: Pen-testing - pricing model, Stefano Zanero Re: Pen-testing - pricing model, Ozan Ozkara Re: Pen-testing - pricing model, intel96 Re: Pen-testing - pricing model, Lee Lawson

Previous by Date:	Port 1443, kapil assudani
Next by Date:	RE: Port 1443, Andy Meyers
Previous by Thread:	Re: LophtCrack and SAM Passwd, Brendan Dolan-Gavitt
Next by Thread:	Re: Pen-testing - pricing model, intel96
Indexes:	[Date] [Thread] [Top] [All Lists]