[Samba] Being able to read password hashes

Mon Jul 21 03:52:11 MDT 2014

Am 21.07.2014 10:29, schrieb Stuart Naylor:
> ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectclass=person)(name=Administrator))' name unicodePwd
>
> # record 1
> dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan
> name: Administrator
> unicodePwd:: kXh1DQFudwnw+lnHhubyUw==
>
> http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return my password
>
> Only zent1 as its just a VM running a test of Zentyal3.5
Because this website uses an database of decrypted hashes and zent1 is 
in that database.