Windows 2016 Password Hash Table Location

Question

Sadly, it is not self evident just how important it is to get a penetration test done at this company. I am rather rusty to this. Where is the hash table stored on a Win2016 DC these days?

I want to run a simple cracker against it, in order to probe for weak passwords and prove that people are not adhering to our policies and guidelines. This will then be the foundation for my argument of how vulnerable we are and how we need to get penetration testing done then improve our security policies.

Thanks in advance.

score 0 · Answer 1 · answered Jan 14 '20 at 14:37

After posting this, I managed to find this guide.

C:\Windows\NTDS\ntds.dit
C:\> ntdsutil
.
ntdsutil: activate instance ntds
ntdsutil: ifm
ifm: create full c:\audit
ifm: quit
ntdsutil: quit

The following commands will create a folder called C:\audit containing the Ntds.dit and SYSTEM files

Windows 2016 Password Hash Table Location

1 Answers1