NT hashes in krb5
Greg Hudson
ghudson at mit.edu
Mon Jan 19 13:17:43 EST 2015
On 01/19/2015 02:24 AM, Zaid Arafeh wrote:
> If I have the K/M key (which is in the database) and I have the password
> for the master key, would that make extracting hashes from the database
> easier?
It is possible but not convenient; you would have to write code to do
the decryption.
> I looked at the keytab file (thnx) , unfortunately keytab files usually
> don't store the krbtgt key (which is what I am looking for )
Nothing stops you from extracting a krbtgt key to a keytab. It is true
that people do not usually store krbtgt keys in keytabs--but krbtgt keys
are also not normally NT hashes; they are normally random and do not
correspond to any password.
More information about the Kerberos
mailing list