Search the Community
Showing results for tags 'windows'.
Found 2 results
I'm in the process of learning about Windows passwords and experimenting on how to extract them using different tools like Ophcrack and Offline NT Password and Registry Editor. I've started with Windows XP because its the easiest. I can successfully run Ophcrack on a Windows XP computer and it will list some user account names and passwords. The thing I can't figure out is that it doesn't list all the account names I know are on the computer, either local or domain account names. I thought all account names, either local or domain are stored in the local SAM file so you could login offline. Does anyone know why I'm missing some account names when I run either tool? I haven't tried this on a Windows 7 computer so I don't know if its just this one XP machine that's doing this. Thanks
Hello everyone! I'm new here, and this is my first post, but I've been studying security on and off for some time. Currently I'm a student studying IT, and working as a sysadmin. I'm looking to get into the security field, and I hope to become a vaulable member of this community! Through some reading, I've determined that RPC endpoints are a vulnerable point in Windows systems; but I'm not sure why. I'm also not certain what they are used for. I ran a python script I found from CORE security (https://code.google.com/p/impacket/source/browse/trunk/examples/rpcdump.py?r=246) to enumerate RPC endpoints one of my Windows boxes. Looking at the output, I can't determine much. It looks like a lot of UUIDs, and a bunch of information I can't really make much of (ex: Version: 1, Annotation: Impl friendly name, StringBindings: ncalrpc:[Audiosrv], etc.). Has anyone used rpcdump.py before, or any other tool to enumerate RPC endpoints? What are the purpose of endpoints, and what makes them a vulnerability (I'm assuming you can eventually gain an RPC session using them)? Thanks for any help/guidance!