• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 163
  • Last Modified:

question about active directory on windows 2000

logged in as an administrator how would i access active directory usernames and passwords?? i hear there saved as .dit files in the ntds folder and if it is as simple as just taking them from there is there any sort of encryption??? to the point of lthe system file for Sam files?
1 Solution
Rich RumbleSecurity SamuraiCommented:
They are saved just as they were before, in the SAM of the controllers. atstake.com/products/lc/requirements.html  and many others are able to dump these still, Admin priviledge is still needed. I've tested, it works. The .DIT files do contain info on the username and such... read here:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;q299656& (how to get the LM hash's out of the SAM- for they are the weakest)

What AD brings to the table as far as AUTH that is better than it used to be, is it's much harder to sniff the wire for password hashes. Kerberose is slightly better, however it's still possible to BF. Ntsecurity.nu has some resources about this. So there are a few ways to get the pass's still, the method hasn't changed much.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now