-
January 30th, 2004, 10:49 AM
#11
Originally posted here by Desolation_Jam
Now Now
576869746568617 dearo I have a few more questions
1. What is LSA ? ( I am a newbie )
2. What is SID ? ( I am a newbie )
... and I am a confused newbie .....
Thanks neways
Use this link to find more about these words
http://dictionary.reference.com/
// too far away outside of limit
-
January 30th, 2004, 11:19 AM
#12
Junior Member
Download this utility
Desolation_Jam,
There is some utility available for playing with SAM data, I have not used that one but that is available on packetfactory.net.
So search and download it yourself.
-
January 30th, 2004, 11:20 AM
#13
Q: Why do computer scientists confuse Christmas and Halloween?
A: Because Oct 31 = Dec 25
-
January 30th, 2004, 11:28 AM
#15
Sheesh. Visit AtStake and buy their LC4 (formerly L0phtCrack). Or brute force the sucker as suggested earlier. You get into trouble, I don't wanna hear about it. It's your problem.
From Whatis Search on LSA
What is Local Security Authority?
This question posed on 28 June 2001
The Local Security Authority or LSA is a key component of the logon process in both Windows NT and Windows 2000. In Windows 2000, the LSA is responsible for validating users for both local and remote logons. The LSA also maintains the local security policy.
During the local (interactive) logon to a machine, a person enters their name and password to the logon dialog. This information is passed to the LSA, which then calls the appropriate authentication package. The password is sent in a nonreversible secret key format using a one-way hash function. The LSA then queries the SAM database for the user's account information. If the key provided matches the one in the SAM, the SAM returns the user's SID and the SIDs of any groups the user belongs to. The LSA then uses these SIDs to generate the security access token.
Whatis.com Search on SID
What is the function of the SID?
This question posed on 15 July 2003
Security identifier (SID) is a unique security identification number assigned to security principals (objects that can be assigned access to objects in Windows). Users, groups and computers are assigned SIDs. This uniquely identifies the user, group or computer to the domain or to the local computer if a local account is used. For example, when a user logs on, a collection of his SID and the SIDs of groups of which he is a member is made. This list is used when he needs to access a resource -- say, a file. The file has a Discretionary Access List (DACL) that is composed of access control entries (ACE) that include a SID and what permission that SID has on the file. The DACL is checked against the user's list, and a decision can be made whether or not to let him access the file.
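The token-versus-DACL check described in the Whatis excerpt above, as an added example that is not part of the original thread: a simplified Python model of how ordered ACEs are evaluated against the SIDs in a token. The domain identifier, RIDs and account names are constructed, and the NULL-DACL and deny-ordering behaviour shown goes beyond what the excerpt states.

```python
from dataclasses import dataclass

# Access-mask bits for file objects (values as defined by Windows).
FILE_READ_DATA = 0x0001
FILE_WRITE_DATA = 0x0002

@dataclass(frozen=True)
class Ace:
    allow: bool   # True = access-allowed ACE, False = access-denied ACE
    sid: str      # trustee SID in string form
    mask: int     # rights this ACE grants or denies

def access_check(token_sids, dacl, desired):
    """Return True if a token holding token_sids is granted every bit in desired.

    dacl is an ordered list of Ace, or None for an object with no DACL.
    """
    if dacl is None:                  # NULL DACL: the object is unprotected
        return True
    granted = 0
    for ace in dacl:                  # ACEs are evaluated in stored order
        if ace.sid not in token_sids:
            continue                  # ACE names a SID the token does not hold
        if ace.allow:
            granted |= ace.mask & desired
        elif ace.mask & desired & ~granted:
            return False              # a right still needed is explicitly denied
        if granted == desired:
            return True
    return False                      # empty DACL, or rights never granted

# Constructed sample data: the domain part and RIDs 1001/1002/1105 are made up.
DOM = "S-1-5-21-1111111111-2222222222-3333333333"
ALICE_TOKEN = {f"{DOM}-1001", f"{DOM}-1105", "S-1-1-0"}  # user, one group, Everyone
BOB_TOKEN = {f"{DOM}-1002", "S-1-1-0"}
FILE_DACL = [
    Ace(False, f"{DOM}-1105", FILE_WRITE_DATA),  # deny write to group 1105
    Ace(True, "S-1-1-0", FILE_READ_DATA),        # Everyone may read
    Ace(True, f"{DOM}-1001", FILE_WRITE_DATA),   # alice may write (shadowed by the deny)
]

if __name__ == "__main__":
    for name, tok in (("alice", ALICE_TOKEN), ("bob", BOB_TOKEN)):
        for right, bit in (("read", FILE_READ_DATA), ("write", FILE_WRITE_DATA)):
            print(name, right, access_check(tok, FILE_DACL, bit))
```

Because evaluation stops at the first decisive ACE, the same three entries in reverse order would let alice write, which is why deny entries are normally stored ahead of allow entries.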
-
January 30th, 2004, 03:42 PM
#16
And I thought I stayed up late!
What's your take on the first post, MsMittens? I mean, the SAM is on a floppy, exported from a "friend's computer"........don't you have to have Admin rights to do that?
So there are three possibilities, IMHO:
1.) Friend trusts Desolation Jam enough to export SAM to disk for whatever reason (which is kind of fishy to me, because I don't trust anyone that much) In any event, if the friend trusts Desolation Jam that much, why doesn't Desolation Jam know the Admin User Name and Password?
2.) Desolation Jam exported the SAM from the "friend's computer", which means Desolation already knows the Admin Username and Password.
3.) Desolation Jam stole someone else's ERD and is trying to crack the SAM to get access to the system.
I just don't feel obliged to help out on this any more than I already have, but I could be wrong, so here's a link for you to check out:
www.foundstone.com Check out the tools section. Try using user2sid and sid2user, in conjunction with l0phtcrack (LC4) and possibly enum, depending on how you want to go about it. That's all you'll get from me. If you need any more info, Buy the damn book!
-
January 30th, 2004, 03:53 PM
#17
Hey 576869746568617, your avatar looks like Yoshimitsu.
2.) Desolation Jam exported the SAM from the "friend's computer", which means Desolation already knows the Admin Username and Password.
3.) Desolation Jam stole someone else's ERD and is trying to crack the SAM to get access to the system.
You do not need the password to export the SAM. Last time I checked, you could not touch SAM in NT unless you used DLL injection.. All you have to do is boot into DOS, or some other OS that can touch the NT partition and then export it.
It can not be number three because he is too stupid to perpetrate number two, and probably does not understand number one. I think he actually wants to crack the password on his own computer that his parents control (only let him on when they want, etc...).
-Cheers-
[Edit]
PS: I r00ted the computer my parents had control of when I thought I was 733t. Lol. I used the method I just said.[/Edit]
-
January 30th, 2004, 04:01 PM
#18
I was talking about exporting it on an ERD, which would require Administrator, or at the very least, backup, account, or server operator privileges.
Dll injection would work too (and work very well), but if Desolation Jam can't figure out how to do #1,2, or 3, probably won't have a clue how to do that either. That would be the easiest way to do it. Of course, I don't know how dll injection would help crack a SAM that is on floppy and not in use.
I used to think I was 733t cause I could do that too. Boy was I off it!
-
January 30th, 2004, 04:06 PM
#19
Lol. I am just talking about retrieving it. Interesting stuff. Basically DLL injection would allow you to stop the process (the one that, if it is running, SAM can not be opened), then inject your own DLL (or EXE I think...). Allowing you to C/P the SAM file, then resume the process. I know that is not very technical, but I only read a brief paper on it.
-Cheers-
-
January 30th, 2004, 04:09 PM
#20
Actually, if the admin did rdisk /s (I think that's the command.. bear with me cuz I'm getting old and as we know, memory is the 2nd thing to go), it copies the SAM to the Repair directory, which, last time I checked, by default was "Everyone have access". Yay MS.
MsMittens rolls her eyes
The other way of getting the same is from backup tapes or booting with a DOS disk using NTFSDos. Kinda a nifty old trick.
And naw... I just get up early... I didn't have to today but wanted to do a ride.