[Samba] Being able to read password hashes
Rowland Penny
rowlandpenny at googlemail.com
Mon Jul 21 03:24:47 MDT 2014
On 21/07/14 10:02, Philippe.Simonet at swisscom.com wrote:
> not cracking : ntlm hash database lookup.
Same difference, the OP said he put a unicodePwd password into a webpage
that deals with NTLM passwords and got his plain password back, or are
you missing the point?
Rowland
>
>> -----Original Message-----
>> From: samba-bounces at lists.samba.org [mailto:samba-
>> bounces at lists.samba.org] On Behalf Of Rowland Penny
>> Sent: Monday, July 21, 2014 10:46 AM
>> To: samba at lists.samba.org
>> Subject: Re: [Samba] Being able to read password hashes
>>
>> On 21/07/14 09:29, Stuart Naylor wrote:
>>> ldbsearch -H /var/lib/samba/private/sam.ldb
>> '(&(objectclass=person)(name=Administrator))' name unicodePwd
>>> # record 1
>>> dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan
>>> name: Administrator
>>> unicodePwd:: kXh1DQFudwnw+lnHhubyUw==
>>>
>>> http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return
>> my password
>> Are you sure? you put a unicodePwd into something that cracks ntlm
>> passwords and got your plain password back??
>>
>> Rowland
>>
>>> Only zent1 as its just a VM running a test of Zentyal3.5
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list