Results 1 to 5 of 5

Thread: Looking for a secure way to audit AD passwords using backtrack

  1. #1
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    5

    Default Looking for a secure way to audit AD passwords using backtrack

    Hi all, is it possible to use one of the tools in Backtrack 5 to do a password audit in an Active Directory of which I have the administrator password?

    I have permission from management of a customer to do this to check newly rolled out policies, but they do not want to fork out $500 for l0phtcrack. Is there anything similar in Backtrack?

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Looking for a secure way to audit AD passwords using backtrack

    Quote Originally Posted by koning View Post
    Hi all, is it possible to use one of the tools in Backtrack 5 to do a password audit in an Active Directory of which I have the administrator password?

    I have permission from management of a customer to do this to check newly rolled out policies, but they do not want to fork out $500 for l0phtcrack. Is there anything similar in Backtrack?
    Assuming you have dumped the password hashes from one of the Domain Controllers using something like fgdump you can use john the ripper, included on Backtrack, to actually crack those hashes. Someone here (bofh28) wrote a really kick ass guide to password cracking that you might want to refer to.
    Last edited by lupin; 10-14-2011 at 08:16 AM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    5

    Default Re: Looking for a secure way to audit AD passwords using backtrack

    Thanks mate, very promising, but I can't see the attachment... any idea? is the actual document gone?

    When I click on attachments (2 showing on mouseover) in the topic list, The next page tells me there are no available attachments...

    Would love to get that document though

  4. #4
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Looking for a secure way to audit AD passwords using backtrack

    Yeah I know its a little hard to find. From memory, Pureh@te was hosting it on his site, which led me to the following which I think is the right document:

    http://tools.question-defense.com/Cr...ords_Guide.pdf
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  5. #5
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    5

    Default Re: Looking for a secure way to audit AD passwords using backtrack

    Thanks for your help mate... I've got some reading to do now :-)

Similar Threads

  1. Replies: 9
    Last Post: 03-21-2011, 09:38 PM
  2. Need help with network audit :)
    By kalastat in forum Beginners Forum
    Replies: 2
    Last Post: 04-27-2010, 01:09 PM
  3. Backtrack Series - 12: Session Hijacking for Secure Websites
    By fifo_thekid in forum OLD BackTrack 4 Howto
    Replies: 27
    Last Post: 02-04-2010, 04:37 AM
  4. Backtrack and Windows Passwords
    By tyrgas in forum OLD Newbie Area
    Replies: 3
    Last Post: 03-13-2008, 11:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •