Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 02 Feb 2007 16:44:53 +0000
From: Hari Sekhon <hpsekhon@...glemail.com>
To:  john-users@...ts.openwall.com
Subject: Windows Domain Account Cracking

Hi,
   I've used jtr for quite some time now and previously I have used 
pwdump and cachedump on windows to get the hashes to crack. However, I 
would like to do something a little grander this time to get all the 
domain account/hashes dumped from my Windows 2003 Active Directory 
domain. I have admin access to the domain controllers (not surprising 
since I'm the primary admin of the domain) and expect I can probably do 
this by running something similar to pwdump or cachedump.

If I recall correctly, pwdump only works for local accounts and 
cachedump only works for cached domain accounts.
So what I am looking for is a way of going to the domain controller, 
running some command and have it dump all the accounts and their hashes 
for auditing.

Does anybody know of such a program/method to get the hashes?


Thanks

-h

-- 
Hari Sekhon


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.