[Samba] Being able to read password hashes
Stuart Naylor
stuartiannaylor at thursbygarden.org
Mon Jul 21 10:21:33 MDT 2014
With any Microsoft Active Directory server you cannot get access to read password hashes; you can only change them.
It's the fact I can get the hash so easily, and also everybody else's.
I am not all that bothered, as for this sysadmin it's a Brucie Bonus.
Irrespective of the website, if it's not there all I need to do is throw some CUDA cores at http://hashcat.net/hashcat/ and one way or another I will get it.
Should the hashes be so easily available was my main question?
I was just wondering what others thought, seems cool enough.
Stuart
-----Original message-----
> From: Rowland Penny <rowlandpenny at googlemail.com>
> Sent: Monday 21st July 2014 10:24
> To: sambalist <samba at lists.samba.org>
> Subject: Re: [Samba] Being able to read password hashes
>
> On 21/07/14 10:02, Philippe.Simonet at swisscom.com wrote:
> > not cracking : ntlm hash database lookup.
>
> Same difference, the OP said he put a unicodePwd password into a webpage
> that deals with NTLM passwords and got his plain password back, or are
> you missing the point?
>
> Rowland
> >
> >> -----Original Message-----
> >> From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny
> >> Sent: Monday, July 21, 2014 10:46 AM
> >> To: samba at lists.samba.org
> >> Subject: Re: [Samba] Being able to read password hashes
> >>
> >> On 21/07/14 09:29, Stuart Naylor wrote:
> >>> ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectclass=person)(name=Administrator))' name unicodePwd
> >>> # record 1
> >>> dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan
> >>> name: Administrator
> >>> unicodePwd:: kXh1DQFudwnw+lnHhubyUw==
> >>>
> >>> http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return my password
> >> Are you sure? You put a unicodePwd into something that cracks ntlm
> >> passwords and got your plain password back??
> >>
> >> Rowland
> >>
> >>> Only zent1 as its just a VM running a test of Zentyal3.5
>
>
>
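
Added example, not part of the original thread: in Samba's sam.ldb the unicodePwd attribute holds the 16-byte NT hash, which ldbsearch prints base64-encoded (the `::` marker), and NT hashes carry no salt, which is why a lookup database can match one. This Python sketch parses ldbsearch-style output, decodes the attribute, and flags accounts that share a hash; the function names and the sample records (alice, bob, carol, example.lan) are constructed for illustration.

```python
import base64
from collections import defaultdict

NT_HASH_LEN = 16  # an NT hash is an MD4 digest, always 16 bytes


def parse_ldif(text):
    """Parse ldbsearch-style LDIF into dicts; 'attr:: v' values are base64."""
    records, cur, last = [], {}, None
    for line in text.splitlines() + [""]:
        if line.startswith(" ") and last:      # folded continuation line
            cur[last] += line[1:]
        elif not line.strip():                 # blank line closes a record
            if cur:
                records.append({k.rstrip(":"): base64.b64decode(v) if k.endswith(":") else v
                                for k, v in cur.items()})
            cur, last = {}, None
        elif not line.startswith("#"):         # skip '# record N' comments
            key, _, value = line.partition(": ")
            cur[key], last = value, key
    return records


def audit(records):
    """Return ({account: hex NT hash}, [groups of accounts sharing a hash])."""
    hashes, groups = {}, defaultdict(list)
    for rec in records:
        pwd = rec.get("unicodePwd")
        if not isinstance(pwd, bytes) or len(pwd) != NT_HASH_LEN:
            continue                           # attribute absent or malformed
        hashes[rec["name"]] = pwd.hex()
        groups[pwd].append(rec["name"])
    # No salt: equal passwords give equal hashes, so sharing is visible here.
    return hashes, [sorted(names) for names in groups.values() if len(names) > 1]


def _rec(name, nt):
    """Constructed sample record shaped like the ldbsearch output above."""
    return (f"# record\ndn: CN={name},CN=Users,DC=example,DC=lan\n"
            f"name: {name}\nunicodePwd:: {base64.b64encode(nt).decode()}\n\n")


# Constructed data: alice and bob share one 16-byte value, carol differs.
SAMPLE = (_rec("alice", bytes(range(16))) + _rec("bob", bytes(range(16)))
          + _rec("carol", bytes(range(16, 32))))

if __name__ == "__main__":
    hashes, shared = audit(parse_ldif(SAMPLE))
    for name, hexhash in hashes.items():
        print(f"{name}: {hexhash}")
    print("accounts sharing a hash:", shared)
```
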