LM Hashes and NTLM Hashes with Windows Server 2003

    #41
    Re: LM Hashes and NTLM Hashes with Windows Server 2003

    On my wife's laptop, I open an admin command prompt and type net users

    Code:
    Administrator      DefaultAccount      Guest
    Jess           WDAGUtilityAccount
    I can't find where in Windows 10 these accounts are listed. But WDAGUtilityAccount, DefaultAccount....hrmmm.

    I thought there was a way to view user accounts and groups under Computer Management -> Users and Groups, but I don't have a Users and Groups section under Computer Management

    I see the WDAGUtilityAccount is part of the Windows Defender Application Guard which came with the Fall Creators Update (version 1709).

    DefaultAccount seems to be some account that comes with 10 by default. I'd still like to see if they're set disabled or not.

    So far, it looks good, but I'm still going to check everything.

    It might be a false alarm, because at work, my wife uses the neighboring store's wifi, which has faster speeds (and is open), and she got the same two messages, this time, about the store's wifi.
    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full
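
One way to answer the question in post #41 (which local accounts exist, and whether each is enabled) without relying on the Computer Management snap-in. This is an added example, not part of the original post; it assumes the Get-LocalUser cmdlet from Windows PowerShell 5.1, and the function name Get-LocalAccountAudit and its -ExpectedUsers parameter are hypothetical.

```powershell
# Added example (not from the thread): list local accounts, identify the
# built-in ones by well-known RID, and mark anything worth a second look.
# Get-LocalUser ships with Windows PowerShell 5.1 (LocalAccounts module).

# Well-known relative IDs (the last field of the SID) for built-in accounts.
# Matching on the RID still works if an account has been renamed.
$BuiltInRids = @{
    '500' = 'Administrator'
    '501' = 'Guest'
    '503' = 'DefaultAccount'
    '504' = 'WDAGUtilityAccount'
}

function Get-LocalAccountAudit {
    # Hypothetical helper. -ExpectedUsers is the list of accounts you created
    # yourself and expect to find enabled.
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        $User,
        [string[]]$ExpectedUsers = @()
    )
    process {
        $rid     = ($User.SID.Value -split '-')[-1]
        $builtIn = $BuiltInRids[$rid]      # $null for ordinary accounts
        $notes   = @()

        if ($User.Enabled) {
            if ($builtIn) {
                $notes += 'built-in account is enabled'
            } elseif ($ExpectedUsers -notcontains $User.Name) {
                $notes += 'enabled account not in expected list'
            }
            if (-not $User.PasswordRequired) {
                $notes += 'no password required'
            }
        }

        [pscustomobject]@{
            Name      = $User.Name
            BuiltInAs = $builtIn
            Enabled   = $User.Enabled
            LastLogon = $User.LastLogon
            Review    = $notes -join '; '
        }
    }
}

# 'Jess' is the one user-created account shown in the net users output above.
Get-LocalUser |
    Get-LocalAccountAudit -ExpectedUsers 'Jess' |
    Format-Table -AutoSize
```

On a default install the four built-in accounts normally show Enabled = False, so a non-empty Review column is what to look into.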



      #42
      Re: LM Hashes and NTLM Hashes with Windows Server 2003

      Nice dialog there. Wifi default security (even WPA2) has already been compromised. If you require a better level, try implementing a RADIUS server. Until WPA3 comes, we're pretty much SOL.



        #43
        Re: LM Hashes and NTLM Hashes with Windows Server 2003

        Might be a false positive, she's using Norton Mobile Security on a Samsung Galaxy S7.

        It seems lots of people are getting this on the Samsung devices. The fact that she receives it at work as well means either A) her phone is compromised B) It's a false positive. Trying to contact Norton now, but like just about every other company, longer than normal wait times.

        I had her check for updates manually, even though updates are set to automatic. She was running 4.1.0.4061 of Norton Mobile Security. There was an update. She updated, now the message seems to be gone.

        Also, on her Desktop, I did a scan, and half way through, it pops up a message saying Repair Status
        Norton Installation Successful

        Seems like the Norton install somehow got corrupt on her PC. I don't like that.


          #44
          Re: LM Hashes and NTLM Hashes with Windows Server 2003

          Originally posted by Snayperskaya
          Nice dialog there. Wifi default security (even WPA2) has already been compromised. If you require a better level, try implementing a RADIUS server. Until WPA3 comes, we're pretty much SOL.
          Yes, WPA2 has been compromised, but with long, complex passwords, I think we're fairly safe.

          Can I implement a RADIUS server on my Linux server? I believe RADIUS, so far, has been impossible to crack. And I would love to use it, assuming our wireless devices support it (i.e., the two cell phones, her Galaxy S7, my cheap 50$ walmart special, the Brother MFC-L8850CDW, the really cheap tablet(s), and the 3DS (which I don't think supports RADIUS), plus the game consoles, like the PS3, Xbox 360, PS4, Xbox 1, Wii). She hasn't actually played any games since the baby was born, and worst case, I hard wire them.

          But the printer I'd like to keep wireless, and I'm pretty sure that supports RADIUS.

          What software would I use to try and crack my password? hashcat and something like wireshark in promiscuous mode, after flooding the arp table or something?

          I'd like to see if I can hack into it. If I can, others can.


            #45
            Re: LM Hashes and NTLM Hashes with Windows Server 2003

            When you say Nice dialog there, are you being sarcastic? Was there something wrong with them or should I have not uploaded them? I wish they provided more information on it.

            An attacker is attempting to decrypt this network and may view and alter your communications is kinda vague. It'd be nice if they gave some sort of address, either MAC or IP address. Something a little more informative. Like the ability to view some log, as to why it thinks this....

            New update to the program though, network shows secure. Again, this only happens on her cell.


              #46
              Re: LM Hashes and NTLM Hashes with Windows Server 2003

              Originally posted by Spork Schivago
              When you say Nice dialog there, are you being sarcastic? Was there something wrong with them or should I have not uploaded them? I wish they provided more information on it.

              An attacker is attempting to decrypt this network and may view and alter your communications is kinda vague. It'd be nice if they gave some sort of address, either MAC or IP address. Something a little more informative. Like the ability to view some log, as to why it thinks this....

              New update to the program though, network shows secure. Again, this only happens on her cell.
              No, I was actually impressed that they implemented a security feature that actually monitors the network and not just the device.

              For the implementation and pentesting of RADIUS: I don't have hands-on experience on it, so I can't really suggest anything. But as always, I think you might be able to get it running fine by watching some tutorials at YT.



                #47
                Re: LM Hashes and NTLM Hashes with Windows Server 2003

                Originally posted by Snayperskaya
                AFAIK the domain objects are encrypted into a database. They are located at windir\NTDS.

                http://www.rebeladmin.com/2015/02/ac...-system-state/

                The default 'administrator' account might have been renamed. You must use the "Domain Users and computers" (or something like that, I forgot - shortcut is dsa.msc) to see the users present in that domain.
                Okay, the renaming makes lots of sense.

                I read the URL you linked me to and from my understanding after reading it, the user profiles are stored in the System State, but is that a directory or a file or what? How would I pull usernames and password hashes from this System State?

                Thanks!


                  #48
                  Re: LM Hashes and NTLM Hashes with Windows Server 2003

                  Originally posted by Snayperskaya
                  No, I was actually impressed that they implemented a security feature that actually monitors the network and not just the device.

                  For the implementation and pentesting of RADIUS: I don't have hands-on experience on it, so I can't really suggest anything. But as always, I think you might be able to get it running fine by watching some tutorials at YT.
                  Yes, I agree. It is impressive, and it's a shame that Norton Security on the PCs doesn't do the same! But it turns out it was definitely a bug in the program.

                  Norton even mentions it on their website. I guess it affects just Samsung devices or Samsung S7's (what my wife has) and has been fixed now, thankfully.

                  I wish they had the option to have it send an e-mail to you when that was happening or something.

                  I need to find a way to have certain emails or something set off some loud alarm to wake me up. For example, if the security software on my Linux box detects someone trying to hack in, I'd like it to wake me up while I'm sleeping.

                  Currently, I get emails, which are okay, don't get me wrong, but I get a lot of emails for a lot of different things, and I want to somehow filter them, or configure SNMP to do something else. I dunno.


                    #49
                    Re: LM Hashes and NTLM Hashes with Windows Server 2003

                    Originally posted by Spork Schivago
                    Samsung Galaxy S7.
                    Samsung Galaxy S5 and later=I like!
                    ASRock B550 PG Velocita

                    Ryzen 9 "Vermeer" 5900X

                    16 GB AData XPG Spectrix D41

                    Sapphire Nitro+ Radeon RX 6750 XT

                    eVGA Supernova G3 750W

                    Western Digital Black SN850 1TB NVMe SSD

                    Alienware AW3423DWF OLED




                    "I love "Me Encanta o Enlistarlo con Hilary Farr"!" -Myself

                    "There's nothing more unattractive than a chick smoking a cigarette" -Topcat

                    "Today's lesson in pissivity comes in the form of a ziplock baggie full of GPU extension brackets & hardware that for the last ~3 years have been on my bench, always in my way, getting moved around constantly....and yesterday I found myself in need of them....and the bastards are now nowhere to be found! Motherfracker!!" -Topcat

                    "did I see a chair fly? I think I did! Time for popcorn!" -ratdude747



                      #50
                      Re: LM Hashes and NTLM Hashes with Windows Server 2003

                      Originally posted by RJARRRPCGP
                      Samsung Galaxy S5 and later=I like!
                      She loves her S7, but expensive it was! No contract, AT&T, and then because we paid full price, we were able to switch it over to Straight Talk with no issues. I bought it for her as a Christmas Present.


                        #51
                        Re: LM Hashes and NTLM Hashes with Windows Server 2003

                        Your uname... Red is admin, orange is mod, green is badcaps vet, black is N00B, WTF is blue? Been through hell trying to get Windows server to cooperate?
                        Things I've fixed: anything from semis to crappy Chinese $2 radios, and now an IoT Dildo....

                        "Dude, this is Wyoming, i hopped on and sent 'er. No fucking around." -- Me

                        Excuse me while i do something dangerous


                        You must have a sad, sad boring life if you hate on people harmlessly enjoying life with an animal costume.

                        Sometimes you need to break shit to fix it.... Thats why my lawnmower doesn't have a deadman switch or engine brake anymore

                        Follow the white rabbit.



                          #52
                          Re: LM Hashes and NTLM Hashes with Windows Server 2003

                          Originally posted by goontron
                          Your uname... Red is admin, orange is mod, green is badcaps vet, black is N00B, WTF is blue? Been through hell trying to get Windows server to cooperate?
                          Been through hell trying to understand all the various Windows licenses to stay legal is more like it!!!!

                          For example, we have to actually pay money for a license for my CentOS 7 desktop, because it's going to be accessing our server running CentOS 7, with 3 VMs running Windows! And we have to license our cell phones because the server sends them text messages if the hard drives, or power supplies are dying, or if it's overheating, or if a fan goes out, etc. That's freaking ridiculous! But to stay legal, that's what we have to do.

                          Talking to Chris from Microsoft on SpiceWorks. He knows his shit. Took him years to learn the licensing, but if anyone knows it, it's that man. He's supposed to call me to check some alternative options, if any are available, but man, talk about a smart move.

                          Microsoft there, I mean. They made a very smart move doing what they did. Businesses that need to use their OS are forced to constantly pay them money, monthly or yearly. I betcha they're making more than they ever made.

                          And now, their server edition, this is great....core based license! Plus, you still gotta buy the user CALs and device CALs! But you gotta per CPU core! Minimum is 8 cores and you gotta buy them in multiples of two. For our server, we were looking at something like 16,000$ - 34,000$ when everything was said and done, just for the Windows Server and all its licenses. And then, in 8 years, we'd have to do it all over again.

                          Wanna get rich quick? Develop a product and screw the customers as much as possible. That's something I just can't do. I've had many opportunities to screw people over, to benefit just myself, or get lots of money, but I can't do that. That's what's wrong with this world. Money is the driving factor. That's what most people care about, not their fellow people.


                            #53
                            Re: LM Hashes and NTLM Hashes with Windows Server 2003

                            Originally posted by Spork Schivago
                            Been through hell trying to understand all the various Windows licenses to stay legal is more like it!!!!

                            For example, we have to actually pay money for a license for my CentOS 7 desktop, because it's going to be accessing our server running CentOS 7, with 3 VMs running Windows! And we have to license our cell phones because the server sends them text messages if the hard drives, or power supplies are dying, or if it's overheating, or if a fan goes out, etc. That's freaking ridiculous! But to stay legal, that's what we have to do.

                            Talking to Chris from Microsoft on SpiceWorks. He knows his shit. Took him years to learn the licensing, but if anyone knows it, it's that man. He's supposed to call me to check some alternative options, if any are available, but man, talk about a smart move.

                            Microsoft there, I mean. They made a very smart move doing what they did. Businesses that need to use their OS are forced to constantly pay them money, monthly or yearly. I betcha they're making more than they ever made.

                            And now, their server edition, this is great....core based license! Plus, you still gotta buy the user CALs and device CALs! But you gotta per CPU core! Minimum is 8 cores and you gotta buy them in multiples of two. For our server, we were looking at something like 16,000$ - 34,000$ when everything was said and done, just for the Windows Server and all its licenses. And then, in 8 years, we'd have to do it all over again.

                            Wanna get rich quick? Develop a product and screw the customers as much as possible. That's something I just can't do. I've had many opportunities to screw people over, to benefit just myself, or get lots of money, but I can't do that. That's what's wrong with this world. Money is the driving factor. That's what most people care about, not their fellow people.
                            Looks like the idea of having Windows for a server, is dead, except for folks using them with the minimum amount of CALs required and thus for as little as possible... It already looks like Linux and maybe BSD, has already been popular with servers for years now, if not several years!

                            Looks like a win for RedHat and a loss for Microsoft coming!
                            Last edited by RJARRRPCGP; 04-04-2018, 08:40 PM.


                              #54
                              Re: LM Hashes and NTLM Hashes with Windows Server 2003

                              Originally posted by RJARRRPCGP
                              Looks like the idea of having Windows for a server, is dead, except for folks using them with the minimum amount of CALs required and thus for as little as possible... It already looks like Linux and maybe BSD, has already been popular with servers for years now, if not several years!

                              Looks like a win for RedHat and a loss for Microsoft coming!
                              Yeah, dead unless you're a huge corporation. And that's who they appear to want to deal with mostly. They don't want us little guys, they want the big 250,000$ sales, not the 60$. Kinda sad really.

                              Server companies are kinda going that way as well. You got a problem with that new HPE Server of yours that a simple firmware upgrade will fix? Your only two options, pay over a grand a year for warranty (and I want to say it was like 5,000$?) or pirate the firmware and risk there being something hidden in there.

                              Their firmwares aren't like Desktop firmwares. Lots of firmwares get updated with the firmware packs, but now, without an active warranty, you're not eligible to download those firmwares, among other useful things.


                                #55
                                Re: LM Hashes and NTLM Hashes with Windows Server 2003

                                Originally posted by Spork Schivago
                                Yeah, dead unless you're a huge corporation.
                                QFT. Also, even the U.S. government uses Linux or BSD, IIRC! They are known to use RedHat, IIRC.
                                Last edited by RJARRRPCGP; 04-05-2018, 09:12 PM.


                                  #56
                                  Re: LM Hashes and NTLM Hashes with Windows Server 2003

                                  Originally posted by RJARRRPCGP
                                  QFT. Also, even the U.S. government uses Linux or BSD, IIRC! They are known to use RedHat, IIRC.
                                  I think the more we use non-Windows OSes, the more some larger companies might start making their programs available for non-Windows OSes.

                                  Like SolidWorks, Windows only. If they had a Linux version, that'd be nice. But I think a lot of companies hear Linux and think free, open-source. And although the kernel itself is open-source and free, that doesn't mean you cannot write closed-source code and charge money for it.

                                  IDA, the disassembler, I believe is a good example. They have a nice Linux version, that costs money. Another one is Nessus, the auditing software. They have a Linux version, that costs money. You can also download freeware versions, but I'm certain they've made money off their Linux versions somewheres along the lines, otherwise they would have dropped support for the OS a long time ago!


                                    #57
                                    Re: LM Hashes and NTLM Hashes with Windows Server 2003

                                    Originally posted by goontron
                                    ^ Nah, I learned all that to get me a nice Poweredge server for free! (They needed to migrate but the old IT guy left with the passwords, so I broke in for them.)

                                    Besides I'll never use that information ever again, so might as well pass the info on to someone who can use it. And IIRC it was all learned from stack exchange or some MSDN paperwork anyway. But that was 8 years ago now.
                                    Well, I'm eating my words. I got an Inspiron 8100 for free. Still running XP. Need to break in.