General discussion


Password Audits

I was recently asked to perform a password audit on our Window users. The tools that I have encounteed so far, Cain&Abel, Jack the Ripper, don't apear to extract password hashes from the Active Directory, only the SAM file. Does anyone have any information on a password audit tool that works with AD and documention on how it works?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by G... In reply to Password Audits

Isn't it one built in AD? Not a very complete one but alright for simple audit.
Not sure but I think so and I think there was explaination in the AD help.

Collapse -

by xcode In reply to Password Audits

Password Audit is an essential component of overall security audit process. The tools you mentioned are primarily meant to work on the SAM file since the user information is stored in it.

In an AD environment, User account details are not stored in SAM. The Account details for the clients in AD are stored in %windir%\windowsDS\ntds.dit

since you are to perform the password audit in AD environ., I can think of two ways at this time:

a. Sniff the network for Windows Authentication exchanges n gather the password.
b. Attempt Brute-force attacks to check the strength of the passwords, the time a tool takes to crack the passwords etc.

Password and Audit policy used in AD environ, though, may depend on the business model of your organization but it should always be able to provide a good resistance to external (and internal) attacks.

Hope this helps.

Collapse -

by xcode In reply to

Plz rate the answer and close the question if your concern is solved.


Collapse -

by gstarcher In reply to Password Audits

Related Discussions

Related Forums