Security-Basics'
Sent: 06/02/2003 12:16 PM
Subject: RE: Syskey on Win2k
I may be wrong in this, but im pretty sure from previous "exercises"
that you can't copy the sam data when windows is running. It can be
accessed however, when you have admin writes. Which gives LC4 ac
tel. 801.583.2787 ext 3110
fax. 801.584.5108
[EMAIL PROTECTED]
-Original Message-
From: James Kelly [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 05, 2003 6:16 PM
To: 'Pez Mohr'; [EMAIL PROTECTED]; 'Security-Basics'
Subject: RE: Syskey on Win2k
I
Download a copy of PWDump3 (or whichever is the latest
version) to run the SYSKEY-enabled SAM file through.
The result can then be processed by L0phtcrack.
--- Simon Taplin <[EMAIL PROTECTED]> wrote:
> On Windows 2000, Syskey is enabled by default, can I
> copy the .sam file from
> \winnt\syste
James Kelly wrote:
> I may be wrong in this, but im pretty sure from previous "exercises"
> that you can't copy the sam data when windows is running. It can be
> accessed however, when you have admin writes. Which gives LC4 access
> to the data, and as far as the technet claim, I have seen in my
onal experience, LC4 get passwords in minutes. If it does have to
bruteforce, this takes considerably longer...
Jim
-Original Message-
From: Pez Mohr [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 05, 2003 3:11 PM
To: [EMAIL PROTECTED]; Security-Basics
Subject: Re: Syskey on Win2
Simon Taplin wrote:
> On Windows 2000, Syskey is enabled by default, can I copy the .sam
> file from \winnt\system32 after booting from bootdisk and then
> running LC4 or do I need to run something else first. Just wondering
> since I know Syskey is supposed to be 128 encryption.
>
> Simon
AFAIK,
You need to use pwdump3 on a DC that you have admin privs on, copying the file to your
local drive. Then import that file into LC4 - LC4 will use it to do the audit. Then
you can export the resulting lcs file to a text file which you can import into Excel
to get statistics.
-Original Mess
Actually, that is an excellent quote for security. If it works, nobody
notices. When it doesn't, jail time is a very real alternative. ;-)
Jim
Simon Taplin wrote:
> Quote of the day:
> Systems Administration is the kind of job that nobody notices if you're
> doing it well. People only take no