William Harper
Posted February 23, 2007

Challenge to anyone to demonstrate how to recover AD usernames & passwords from a Windows 2003 Active Directory domain controller system state backup (e.g. out of the ntds.dit and/or associated files).

Assume:

1) You don’t have access to the original hardware where the backup was performed.
2) The NTBackup is not password protected.
3) You can get the SYSKEY from the system hive in the backup (using any of the many available tools such as OPHCrack, LCP, Advanced/Elcomsoft).

Regards,
William

deleted
Posted February 23, 2007

If you just want us to tell you how to do it, just ask. Yes, you may get shot down, but you never know. If it is a genuine challenge, however, this sounds like a good one.

William Harper (Author)
Posted February 24, 2007

> if you just want us to tell you how to do it just ask. Yes you may get shot down but you never know. If it is a genuine challenge however this sounds like a good one.

It's genuine. I don’t know how to do it. As far as I'm aware (have done lots of searching the net) there is no documented method of doing it. The NTDS.DIT is highly protected (perhaps it's security through obscurity, but nonetheless, the structure is encrypted and proprietary to M$).

So the best way I can guess would be to get the AD restored to a working Domain Controller, then use standard tools like SAMDUMP, FGDUMP, and the AD DC Administrator password reset trick: http://www.petri.co.il/reset_domain_admin_...ver_2003_ad.htm

The problem is that you can't restore the AD alone from a System State. The NTBackup tool forces you to restore all the DLLs and other system stuff at the same time, which usually kills the destination system because the hardware is different.

If anyone is going to play with this, it would be beneficial to everyone else if they could use some form of virtual environment (VMware Server (free), etc.), so we can easily reproduce the results.

Cheers,
Will

killr
Posted April 1, 2007

If you can do a restore that kills the hardware drivers, have you tried a repair from the 2003 setup? That usually fixes the HAL drivers.