Microsoft HK local exploit - Executes any command as SYSTEM, as described in MS01-003. Good for recovering lost admin rights. Includes C source and binary.
cd88e00055d120a493e12b4c85d7918cb835d162033519a2bfc4df5c703507c9BindView Security Advisory - Windows NT 4.0 and 2000 contain multiple vulnerabilities in the LPC ports, as described in ms00-070. Implications range from denial of service to local promotion.
e24169f769ff08b95674ca0b151e7ca48901eed39216c7984e0e4d0e2e4797aepwdump2 - This is an application which dumps the password hashes (OWFs) from NT's SAM database, whether or not SYSKEY is enabled on the system.
16a77e246b28114635e53ac29ced3bab37b377719626d78e44fb26f7ff6499d4This is a file system driver for linux, which understands the NT registry file format. With it, you can take registry files from NT, e.g., SAM, SECURITY, etc., and mount them on linux. Currently, it's read-only, though I may add read-write capability in the future.
fbd28017cf1376b3ebdb20590e0a8ad28f3e175df8176d40ca1d701f7c442aedThis is a small unix utility that does the equivalent of NT's nbtstat -A . It sends a Node Status request to the host specified on the command line, and waits (up to 10 seconds) for the reply. If it gets the reply, it dumps the reply as hex, and then interprets the name table.
f2d1cda851422ba2c3988c1bfce5d3c633d2dd73e5be637a2665736f778bf67eBindView Security Advisory - Windows NT's SYSKEY feature. SYSKEY does not fully protect the SAM from off-line attacks. Specifically, dictionary and brute-force password cracking are still possible, even when SYSKEY is enabled and the attacker is not in possession of the SystemKey.
ed21462fc63b5f9e8702adc0dc85afa7134cb844786d5211b01a9c25a543ad2d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed