In parts one and two we discussed how to dump password hashes from a Domain Controller and how to crack these hashes to obtain a list of clear text passwords. In this blog post, we’ll learn how to obtain useful metrics from cracked password hashes in order to...
In part 1 we looked at how to dump the password hashes from a Domain Controller using NtdsAudit. Now we need to crack the hashes to get the clear-text passwords. Hash Types: First, a quick introduction about how Windows stores passwords in the NTDS.dit (or local SAM)...
One of the recurring issues in our internal penetration tests is inadequate password management, which in most cases leads to a fast takeover of the Active Directory (AD) domain. Most system administrators consider that just enabling password complexity and setting a...
Using a complex and unique password for each login is obviously important; however, this can make remembering all of your passwords very difficult and often leads to a compromise on password quality, as well as repeated use of the same password. Using...
If there’s one thing that I’ve learned from penetration testing, it’s that passwords need to be secure. According to recent research, some of the most common passwords include ‘123456’, ‘qwerty’ and even ‘password’. These are very weak and should be avoided at all costs....