| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <F29D2A0F2316407198531C35256AE2E8@localhost> Date: Mon, 13 Dec 2010 19:35:13 +0100 From: "Stefan Kanthak" <stefan.kanthak@...go.de> To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk> Cc: StenoPlasma@...loitdevelopment.com Subject: Re: Flaw in Microsoft Domain AccountCachingAllows Local Workstation Admins to TemporarilyEscalatePrivileges and Login as Cached Domain Admin Accounts(2010-M$-002) "StenoPlasma @ ExploitDevelopment" <StenoPlasma@...loitdevelopment.com> wrote: Your MUA is defective, it strips the "References:" header! > Stefan, > > For you information: > > Cached domain accounts on a local system are not stored in the SAM. They > are stored in the SECURITY registry hive. When a cached domain user logs > in to the system, they do not authenticate against the SAM (As you can see > in my article, I am not editing the SAM). OUCH! Obviously you have NOT understand a single word! It is COMPLETELY irrelevant where cached credentials are stored on the local computer, and I haven't written anything about that. Logins with local user accounts are authenticated against the resp. SAM, whereas logins with domain user accounts are authenticated against the resp. AD. Only if the latter is not available cached credentials are used. Stefan [ another braindead fullquote removed] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists