[Samba] Being able to read password hashes

Rowland Penny rowlandpenny at googlemail.com
Mon Jul 21 02:45:37 MDT 2014


On 21/07/14 09:29, Stuart Naylor wrote:
> ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectclass=person)(name=Administrator))' name unicodePwd
>
> # record 1
> dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan
> name: Administrator
> unicodePwd:: kXh1DQFudwnw+lnHhubyUw==
>
> http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return my password
Are you sure? You put a unicodePwd into something that cracks NTLM 
passwords and got your plain password back??

Rowland

>
> Only zent1 as it's just a VM running a test of Zentyal3.5


