I am new to the forum and immediately would like to pop a question…
I did some searches before posting, so I hope i did not overlook this question if it was asked before !
Situation : Win 2003 domain controller -active directory (updates,latest service packs)
This server is online on the public internet with windows remote desktop enabled.
I was asked to “test” if the passwords are strong as part of a security exercise.
I have access to the machine.
There are a number of users with admin rights.
–> We want to check if their passwords are strong.
I used to do a similar exercise on linux, where I would copy the password file, (in /etc/ directory) and then run a bruteforce password cracker (e.g. john the ripper) on a seperate machine for a few hours/days. This without interupting service on the main server.
Now I wonder how to do something similar on win2k3
Since it is a critical machine, I cannot power down the machine (e.g. and boot from some sort of password recovery software disk), install software like a password cracker (preferably not on this machine itself), or bring the CPU to 100%
What I would want to do is to copy the “password files” onto another machine, and run a password cracker there.
I think /winnt/system32/config has the “sam” files containing the hashed passwords ?
However I cannot copy this file since “file in use”…
Does anybody know a procedure, or a good way to export the password files and test these (the password strength) on another machine -without disrupting the service on the domain controller.
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.