[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-ms
Subject:    MS SQL & NT registry
From:       "Lynum, David" <David.Lynum () elancorp ! com>
Date:       2001-10-31 20:56:45
[Download RAW message or body]

Hey there,

This is first time I've posed a question to this list, so take it easy on
me.

My question has to do with a whitepaper I read from ISS.net on security
database servers, and here's the link to it,
http://documents.iss.net/whitepapers/securingdbs.pdf. The paper shows how to
use an extended stored procedure call, "xp_regread" to read registry
contents for the SAM\Domains\Accounts section.  But it doesn't tell you how
to extract the query results so that a password cracking program such as
L0phtcrack can be used to see the account information.  My question is
specifically about extracting the contents of the SAM registry entries from
the SQL query results so that I can import them into L0phtcrack to crack
them.  How do I do this?  I've saved the query report results to a file and
then opened that file from within L0pht, but L0pht closes as soon as I do
this.  I e-mailed support for L0pht and they haven't gotten back to me.  I
have L0pht 2.52.  Also, I spoke with one of the security people at ISS about
this, but they won't provide any help.

Have any of you done this, or know where I can find information on how to do
this?  I need to know because I handle data security for my company and I
have to prove to them that this exploit is real before they'll take any
action.

Thanks in advance for your help,

David


--This communication and any files transmitted with it contain information which is \
confidential and may be privileged and exempt from disclosure under applicable law. \
It is intended solely for the use of the individual or entity to which it is \
addressed. If you are not the intended recipient, you are hereby notified that any \
use, dissemination or copying of this communication is strictly prohibited. If you \
have received this communication in error, please notify the sender. Thank you for \
your co-operation.--


[prev in list] [next in list] [prev in thread] [next in thread]