Sure... Just do a pwdump and use your favorite cracker (L0phtCrack,etc) to
determine which are null.
t
----
Timothy Mullen, MVP, MCSE, MCT, MCSD
Vice President of Consulting Services
NGS Software
www.ngssoftware.com
Check out Thor's "Microsoft Ninjitsu: Blackbelt Edition" at Blackhat Vegas
2007!
http://www.blackhat.com/html/bh-usa-07/train-bh-us-07-tm-ms-bbe.html
----- Original Message -----
From: <igor.mamuzic (at) koncar-inem (dot) hr [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Monday, April 02, 2007 9:43 AM
Subject: Discovering Active Direcory users with blank passwords
> Is there a way to discover Active Directory users with blank passwords if
> I have domain admin privileges and local access to my domain controllers?
>
> Best Regards,
> Igor
>
>
>
determine which are null.
t
----
Timothy Mullen, MVP, MCSE, MCT, MCSD
Vice President of Consulting Services
NGS Software
www.ngssoftware.com
Check out Thor's "Microsoft Ninjitsu: Blackbelt Edition" at Blackhat Vegas
2007!
http://www.blackhat.com/html/bh-usa-07/train-bh-us-07-tm-ms-bbe.html
----- Original Message -----
From: <igor.mamuzic (at) koncar-inem (dot) hr [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Monday, April 02, 2007 9:43 AM
Subject: Discovering Active Direcory users with blank passwords
> Is there a way to discover Active Directory users with blank passwords if
> I have domain admin privileges and local access to my domain controllers?
>
> Best Regards,
> Igor
>
>
>
[ reply ]