[Samba] Being able to read password hashes

Rowland Penny rowlandpenny at googlemail.com
Mon Jul 21 03:24:47 MDT 2014

On 21/07/14 10:02, Philippe.Simonet at swisscom.com wrote:
> not cracking : ntlm hash database lookup.

Same difference, the OP said he put a unicodePwd password into a webpage 
that deals with NTLM passwords and got his plain password back, or are 
you missing the point?

>> -----Original Message-----
>> From: samba-bounces at lists.samba.org [mailto:samba-
>> bounces at lists.samba.org] On Behalf Of Rowland Penny
>> Sent: Monday, July 21, 2014 10:46 AM
>> To: samba at lists.samba.org
>> Subject: Re: [Samba] Being able to read password hashes
>> On 21/07/14 09:29, Stuart Naylor wrote:
>>> ldbsearch -H /var/lib/samba/private/sam.ldb
>> '(&(objectclass=person)(name=Administrator))' name unicodePwd
>>> # record 1
>>> dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan
>>> name: Administrator
>>> unicodePwd:: kXh1DQFudwnw+lnHhubyUw==
>>> http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return
>> my password
>> Are you sure? you put a unicodePwd into something that cracks ntlm
>> passwords and got your plain password back??
>> Rowland
>>> Only zent1 as its just a VM running a test of Zentyal3.5
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list