[foofus-tools] Pwdump on 64 bit Itanium servers, Pwdump delivers computer accounts
Thomas.Schneider01 at t-systems.com
Thomas.Schneider01 at t-systems.com
Fri Aug 28 06:48:59 PDT 2009
> Hello;
>
> a colleague tried to run Pwdump on a 64 bit Itanium W2K3 server and
> the lsass process crashed. Therefore the project was compiled for
> Itanium processor. Does someone have experience with Itanium?
> I couldn't re-produce it, because I didn't have a Itanium test system.
> I thought about the general problem of a crashed lsass process. Does
> someone know, why the code must be injected into the lsass process
> instead of running it directly? This would be very interesting for me.
> I'm a C# programmer and usual avoid crushing processes by using try
> and catch. But the code that is injected looks like developed in C and
> not C++ (which I believe supports try and catch) as the rest of the
> code. Is there a way to migrate this part to C++?
>
> Additionally I want to ask for a small feature request. The Pwdump
> tool delivers on Domain Controllers also all Computer Accounts, that
> are normally not in focus, because passwords are very strong set by
> Microsoft and should never be possible to crack. In big environments
> it would be much more faster. to avoid enumerate such accounts. To do
> this the 3rd parameter of the function "SamrEnumerateUsersInDomain"
> ("pSamrEnumerateUsersInDomain" in your code) must be set to 0x10.
> More information's about this could be found under
> http://download.microsoft.com/download/a/e/6/ae6e4142-aa58-45c6-8dcf-a
> 657e5900cd3/%5BMS-SAMR%5D.pdf (chapter 3.1.5.2.5
> SamrEnumerateUsersInDomain and chapter 2.2.1.12 USER_ACCOUNT Codes).
> In my environment this works very well.
>
>
> Regards,
> Thomas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.foofus.net/pipermail/foofus-tools-foofus.net/attachments/20090828/f1746c48/attachment-0003.htm>
More information about the foofus-tools
mailing list