| To: | <s-williams@nyc.rr.com>, "'Ricardo Mourato'" <ricardomcm@gmail.com>, <pen-test@securityfocus.com> |
|---|---|
| Subject: | RE: Active Directory Pentest |
| From: | "ragdelaed" <ragdelaed@gmail.com> |
| Date: | Wed, 30 May 2007 18:56:09 -0400 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:from:to:references:in-reply-to:subject:date:message-id:mime-version:content-type:content-transfer-encoding:x-mailer:thread-index:content-language; b=BMeq2gn/hv7Sh9BNkjNmryLQtcyRzVcPEkUopHA12MpM5wzMtt1ysMVzxUzKzU/Pnqs1PIiQfBwdweAYuoMxk5EiYzgsGlKBG2PjMSl+4gvzjbcyv+fCvUJvm4OGLdWqOqVs9mQthukQhY41JOzSJCx3WANz6GriP4VFgC5o1FM= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:from:to:references:in-reply-to:subject:date:message-id:mime-version:content-type:content-transfer-encoding:x-mailer:thread-index:content-language; b=RwYU9dvQY6M9QIr5zPeAS3dpvhBW3cOcNxMJCZSWuj6yuTtO7RE1TXM4amYVs/4O+/GEDOvjvA8VeAJNEaDU0+tMVJlYLVrBkk9d7EH+tAKA5itNrducX7LkNvo3sj9XYLC0fjMdyxOHnuRu4t9TE05oBXW1+Rz0h/xnjmXBmqM= |
| In-reply-to: | <2012529345-1180561416-cardhu_blackberry.rim.net-490586690-@bxe008-cell01.bisx.prod.on.blackberry> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <37a35c400705300206x5b205673r6e29df274d3ce4e5@mail.gmail.com> <2012529345-1180561416-cardhu_blackberry.rim.net-490586690-@bxe008-cell01.bisx.prod.on.blackberry> |
| Resent-date: | Thu, 31 May 2007 00:16:05 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484289@securityfocus.com |
| Resent-message-id: | <20070531061605.C40D923721D@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
| Thread-index: | AcejDOpZyMyybqAeRdeuxnrBpK5NHwAAJ4WQ |
http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/Act iveDirectory/ActiveDirectorydatabasefileNTDS.DIT.html it's a file called %SystemRoot%\ntds\NTDS.DIT. -----Original Message----- From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of s-williams@nyc.rr.com Sent: Wednesday, May 30, 2007 5:45 PM To: Ricardo Mourato; listbounce@securityfocus.com; pen-test@securityfocus.com Subject: Re: Active Directory Pentest Just to clarify you want to know where the users directory (as in OU) or the username and password storage location? If so you need to look for the sam file sometime this is backup in a storage drive before it is transferred to tape. Or just use an app like lcp if you have some can of access right? "A wise man ask questions, a fool is afraid of knowledge" -----Original Message----- From: Ricardo Mourato <ricardomcm@gmail.com> Date: Wed, 30 May 2007 10:06:34 To:pen-test@securityfocus.com Subject: Active Directory Pentest hi folks, in a costumer network where i'm doing a pentest, i found an Active Directory Server, this one also runs SQL server 2000 SP1, i've found that SQL server doenst have a password on the SA account, so it was easy to get in with NT/SYSTEM, but my question is, where is the AD users directory located? tnks in advice ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Disclosure of vulns and its legal aspects..., Morning Wood |
|---|---|
| Next by Date: | Re: Citrix Pen Test,, sherwyn . williams |
| Previous by Thread: | Re: Active Directory Pentest, s-williams |
| Indexes: | [Date] [Thread] [Top] [All Lists] |