Active Directory Password Hash Extraction
2013-05-09 09:24
337 查看
Just added a tool for offline Active Directory password hash extraction.
It has very basic functionality right now but much more is planned.
Usage is very simple and only requires 2 parameters.
ntds_decode <SYSTEM> <ntds.dit>
SYSTEM is registry hive and ntds.dit is the database, both from a domain controller.
These files are obviously locked so you need to backup using the Volume Shadow Copy Service.
The output format is similar to pwdump and only runs on Windows at the moment.
LM and NTLM hashes are extracted from active user accounts only.
ntds_decode mounts the SYSTEM file so Administrator access is required on the computer you run it on.
If you’re an experienced pen tester or Administrator that would like to test this tool, you can grab from
here
It’s advisable you don’t use the tool unless you know what you’re doing.
Source isn’t provided at the moment because it’s too early to release.
If you have questions about it, feel free to e-mail the address provided in README.txt
It has very basic functionality right now but much more is planned.
Usage is very simple and only requires 2 parameters.
ntds_decode <SYSTEM> <ntds.dit>
SYSTEM is registry hive and ntds.dit is the database, both from a domain controller.
These files are obviously locked so you need to backup using the Volume Shadow Copy Service.
The output format is similar to pwdump and only runs on Windows at the moment.
LM and NTLM hashes are extracted from active user accounts only.
ntds_decode mounts the SYSTEM file so Administrator access is required on the computer you run it on.
If you’re an experienced pen tester or Administrator that would like to test this tool, you can grab from
here
It’s advisable you don’t use the tool unless you know what you’re doing.
Source isn’t provided at the moment because it’s too early to release.
If you have questions about it, feel free to e-mail the address provided in README.txt
相关文章推荐
- Windows Azure Active Directory (4) China Azure AD Self Password Reset
- Login to Symantec Endpoint Protection Manager using your Active Directory User name and password
- 使用perl-ldap修改a user's password in MS Active Directory
- Change password of ActiveDirectory
- Authenticate a user against the Active Directory using the user ID and password
- Cordova error: tool 'xcodebuild' requires Xcode, but active developer directory '/Library/Deve
- Active Directory Rights Management Services 的预安装信息
- password_hash的使用方法
- fatal: could not read Password for 'https:/username@bitbucket.org': No such file or directory
- How to manually configure a DNS server to support Active Directory!
- [KMP][字符串Hash] #93 div1 cf 126B Password
- Cracking Cached Domain/Active Directory Passwords on Windows XP/2000/2003
- 直接使用HashPasswordForStoringInConfigFile生成密文(MD5)
- Retrieve the Windows 7 Password Hash on the Fly
- Extending the Active Directory Schema
- 【转】Import User Profile Photos from Active Directory into SharePoint 2010
- 操作Active Directory C#
- 操作Active Directory C#
- ADSI (Active Directory Services Interface)