Export Active Directory passwords ?

Hello
our security team asks me if it is possible to export the Active Directory password for a given user. It seems that we are victim of far east hackers and they would like to understand how this happened. We are using WIndows Server 2003 R2.

Pierrot
siufAsked:
Who is Participating?
 
GMontag451Commented:
Use fgdump (http://www.foofus.net/~fizzgig/fgdump/downloads.htm) to export passwords from AD. You can give it a list of usernames to dump the encrypted passwords for, or you can dump the whole lot.
0
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
Nope, this is not possible. You can use some hacker's tools to guess password but it is not very nice. By default it is not possible to export passwords in clear text.
0
 
siufAuthor Commented:
I do not want the passwords in clear text! I could have asked the question in another form: where does AD store the passwords ? My task is to give the password of a user to the security team, no to crack that password.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Krzysztof PytkoSenior Active Directory EngineerCommented:
All AD information is stored on domain controller in NTDS.DIT database. If you have enabled "Logon cache" on your workstations then actual password is stored in user's profile in NTUSER.DAT file.
0
 
siufAuthor Commented:
I have 2 ntds.dit files: one stored in c:\windows\system32 which is 6 MB big, dated Feb. 2007, and another one which is 532 MB big, dated today, stored in c:\windows\ntds. Which one is the good one ? I suppose it's the bigger one.
0
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
yes, that file located in c:\windows\ntds is the valid one
0
 
siufAuthor Commented:
Ok, thank you. Last question: I found in our GPO Default Domain Policy that we use "Store passwords using reversible encryption --> disabled". I understand this as "even if I can get the encrypted password, I will not be able to decrypt it". Right ?
0
 
siufAuthor Commented:
Thank you, I got finally a dump file which I can send to the security team.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.