Jump to content
Sign in to follow this  
schuydorsey

Cracking local domain cached credentials

Recommended Posts

schuydorsey

All of the material I have encountered in regards to cracking Windows passwords covers the cracking of the local SAM file very well. I am wondering if any of you have found good reference material on locating/cracking the cached domain credentals on a computer.

The only helpful item I have found so far is a program that has to be installed on the Windows machine and then you can go through the GUI to work to crack all of the cached domain credentials; I don't think this seems too practical in a penetration testing sense.

The program I did find: http://www.passcape.com/domain_cached_passwords

Thanks in advance for any pointers or links!

Share this post


Link to post
icic21

Thank you for sharing, now I will read it. :)

I think: Another method for obtaining the credential is a MITM on the network and then try to force the hash obtained.

All of the material I have encountered in regards to cracking Windows passwords covers the cracking of the local SAM file very well. I am wondering if any of you have found good reference material on locating/cracking the cached domain credentals on a computer.

The only helpful item I have found so far is a program that has to be installed on the Windows machine and then you can go through the GUI to work to crack all of the cached domain credentials; I don't think this seems too practical in a penetration testing sense.

The program I did find: http://www.passcape.com/domain_cached_passwords

Thanks in advance for any pointers or links!

Share this post


Link to post
matugm

Hi,

you can use John the Ripper,I think you need it with the jumbo patch for this http://www.openwall.com/john/

john --format:mscash hash.txt

or hashcat http://hashcat.net/hashcat/

or Cain&Abel http://www.oxid.it/cain.html if you have the SYSTEM and SECURITY hives

btw you won't be able to use rainbow tables for this since it uses a salt (the username)

also here is an interesting document about password cracking

http://tools.question-defense.com/Cracking_Passwords_Guide.pdf

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
×