Interesting problem. I was trying to use pwdump3 to download the hashes from an NT server. The problem is that this server will not allow access to the admin share. However I was able to gain access to the C$ using Hyena and a admin equivalent user account which also does not have access to the admin share. I was able to access the repair directory and get the compressed sam and expanded it. The file appears to be encrypted using the Syskey. Any ideas on how to get pass the encryption. I thought that there was a way to use pwdump3 to do this but its looking for a server name not a file name. -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Jun 29 2001 - 08:05:24 PDT