The tools
This is supposed to be a (quite) complete list of the tools I mentioned or used to gain my results:
Sources of information worth reading:
- http://www.defenceindepth.net/2012/06/password-hashing-best-practice.html?utm_source=BP_recent
- http://www.onlinehashcrack.com/how_to_crack_windows_passwords.php
- http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/ActiveDirectory/ActiveDirectorydatabasefileNTDS.DIT.html
- http://www.openwall.com/passwords/microsoft-windows-nt-2000-xp-2003-vista-7
Programs:
- Cain&Abel for the actual cracking
- PwDump6 for extracting the hashes from the NTDS.dit file
- Password dictionaries
- Create your own intelligent dictionaries with wordhound
If cloning a DC
As I capture the hashes completely offline by cloning an active DC into a VM, my clone does not have ANY network connection, for security purposes.
But CAIN needs one to catch the data.
The workaround is to install a loopback-only interface via the "add hardware" feature.