Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > pen-test > 02 > 120078.html (Request Expert securityfocus.com Support)

RE: Novell NDS

From: Ken Smith <ksmith(at)akibia.com>
Date: Wed Dec 11 2002 - 11:55:28 EST


Does Novell still keep the NDS information (database) in a hidden directory off of the root of SYS? If you have ADMIN access, can that data be accessed directly... maybe via the netbasic interpreter that's included with Netware?    

-----Original Message-----

From: s c [mailto:nogodhere@hotmail.com] Sent: Wednesday, December 11, 2002 7:11 AM To: pen-test@securityfocus.com
Subject: Novell NDS
Importance: High

Interestingly Novell has provided new patches for thei NDS, which when applied now create different file types after running a DSREPAIR.

In the past and without the upgrade, once you have RCONSOLE access you can then create a backup of the NDS with DSREPAIR and then use a product like Pandora (NMRC) to break the .DIB file apart and crack the passwords with it. Another password cracker for Novell's NDS is IMP.

Unfortunately, the file type is now in a file named '00000000.$DU'.

Just like I don't know the actual coding to break apart the SAM that l0phtcrack uses, I don't know the actual coding to do the same to the NDS files.

I believe this new file is actually signed by a private key generated by the Novell system, making it more difficult to crack.

Any advice here would be helpful. The penetration activity is still successful as we have ADMIN level access and created our own account and can view any system, reset any password, etc. It would be helpful to be able to crack all the passwords for the client as well as for our own enjoyment.

Do you need help?X

-P


The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ Received on Wed Dec 11 15:07:12 2002

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:31 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library