ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectclass=person)(name=Administrator))' name unicodePwd # record 1 dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan name: Administrator unicodePwd:: kXh1DQFudwnw+lnHhubyUw= http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return my password Only zent1 as its just a VM running a test of Zentyal3.5
On 21/07/14 09:29, Stuart Naylor wrote:> ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectclass=person)(name=Administrator))' name unicodePwd > > # record 1 > dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan > name: Administrator > unicodePwd:: kXh1DQFudwnw+lnHhubyUw=> > http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return my passwordAre you sure? you put a unicodePwd into something that cracks ntlm passwords and got your plain password back?? Rowland> > Only zent1 as its just a VM running a test of Zentyal3.5
Am 21.07.2014 10:29, schrieb Stuart Naylor:> ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectclass=person)(name=Administrator))' name unicodePwd > > # record 1 > dn: CN=Administrator,CN=Users,DC=office,DC=zentyal,DC=lan > name: Administrator > unicodePwd:: kXh1DQFudwnw+lnHhubyUw=> > http://www.hashkiller.co.uk/ntlm-decrypter.aspx just took 242ms to return my password > > Only zent1 as its just a VM running a test of Zentyal3.5Because this website uses an database of decrypted hashes and zent1 is in that database.