RE: Syskey on Win2k

2003-02-07 Thread Lachlan McGill
Security-Basics' Sent: 06/02/2003 12:16 PM Subject: RE: Syskey on Win2k I may be wrong in this, but im pretty sure from previous "exercises" that you can't copy the sam data when windows is running. It can be accessed however, when you have admin writes. Which gives LC4 ac

RE: Syskey on Win2k

2003-02-07 Thread Hopkins, Joshua
tel. 801.583.2787 ext 3110 fax. 801.584.5108 [EMAIL PROTECTED] -Original Message- From: James Kelly [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 05, 2003 6:16 PM To: 'Pez Mohr'; [EMAIL PROTECTED]; 'Security-Basics' Subject: RE: Syskey on Win2k I

Re: Syskey on Win2k

2003-02-06 Thread ian tashima
Download a copy of PWDump3 (or whichever is the latest version) to run the SYSKEY-enabled SAM file through. The result can then be processed by L0phtcrack. --- Simon Taplin <[EMAIL PROTECTED]> wrote: > On Windows 2000, Syskey is enabled by default, can I > copy the .sam file from > \winnt\syste

Re: Syskey on Win2k

2003-02-06 Thread Pez Mohr
James Kelly wrote: > I may be wrong in this, but im pretty sure from previous "exercises" > that you can't copy the sam data when windows is running. It can be > accessed however, when you have admin writes. Which gives LC4 access > to the data, and as far as the technet claim, I have seen in my

RE: Syskey on Win2k

2003-02-06 Thread James Kelly
onal experience, LC4 get passwords in minutes. If it does have to bruteforce, this takes considerably longer... Jim -Original Message- From: Pez Mohr [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 05, 2003 3:11 PM To: [EMAIL PROTECTED]; Security-Basics Subject: Re: Syskey on Win2

Re: Syskey on Win2k

2003-02-05 Thread Pez Mohr
Simon Taplin wrote: > On Windows 2000, Syskey is enabled by default, can I copy the .sam > file from \winnt\system32 after booting from bootdisk and then > running LC4 or do I need to run something else first. Just wondering > since I know Syskey is supposed to be 128 encryption. > > Simon AFAIK,

RE: Syskey on Win2k

2003-02-05 Thread Moeckel, Sharon
You need to use pwdump3 on a DC that you have admin privs on, copying the file to your local drive. Then import that file into LC4 - LC4 will use it to do the audit. Then you can export the resulting lcs file to a text file which you can import into Excel to get statistics. -Original Mess

Quote (was: Re: Syskey on Win2k

2003-02-05 Thread Meritt James
Actually, that is an excellent quote for security. If it works, nobody notices. When it doesn't, jail time is a very real alternative. ;-) Jim Simon Taplin wrote: > Quote of the day: > Systems Administration is the kind of job that nobody notices if you're > doing it well. People only take no