John the Ripper loves cracking Active Directory password hashes and your users love ‘Password1!’

(This is the second of a three-part series on Microsoft Active Directory password quality auditing and password cracking.)

Following on from part 1, where we used DS-Internals to do some basic password quality auditing, in this post we extract all of your password hashes from Active Directory and crack them with John the Ripper.

In the previous post, we covered using DS-Internals to do a password quality audit. We did this by using the PowerShell module to examine account configurations for vulnerabilities, and we provided a plain text password dictionary for brute forcing our users’ passwords. While the audit for configuration insecurities is excellent, the literal dictionary of passwords to use for cracking is not the most efficient way to do it. Nor is the output of sufficient quality to be as useful as it could be. This isn’t a criticism of the tool; it just isn’t what the tool specialises in.