[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: 'krbPrincipalKey' and 'sambaMungedDial'

[Martin Schulte]
> thank you for your answer.
> I found a way to get the passwords in cleartext from lenny ldap, thanks 
> to windows, the secures OS ever :-) and his LM-Hash. You can crack this 
> LM-hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack ), which 
> uses rainbow tables.

Interesting and scary.  Even in Debian Edu Squeeze, the user passwords
are stored in three places in the user LDAP object.  Once for Kerberos,
once for Samba and once for GOsa.  We should really try to get rid of
the last two.

> If someone interested i can put the script into the wiki.

Sound like a nice thing to publish, yes.

Happy hacking
Petter Reinholdtsen

Reply to: