Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.6: Unlock screens using any admin password' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.6: Unlock screens using any admin password
Authored by: afingal on Nov 05, '10 12:14:08PM

Right, with Kerberos, the password information is not even on your machine. Your password is checked against a key server which assigns a Kerberos ticket to your session on the machine and it is only good for that session. You would have to either catch the action of authentication against the key server or crack the key server, itself. Without Kerberos, a password can be cracked with a chosen text attack, which is more or less difficult depending on the strength of the one way hashing algorithm used to encrypt the password and on how strong the user's password is. See my reply to one of the other messages below for more about this.



[ Reply to This | # ]
10.6: Unlock screens using any admin password
Authored by: Unsoluble on Nov 05, '10 01:31:05PM

Right, which makes me wonder what mvgfr (above) is talking about.



[ Reply to This | # ]
10.6: Unlock screens using any admin password
Authored by: mvgfr on Nov 08, '10 12:43:10PM

You simply replace the *reference* to the password (the text string in the AuthenticationAuthority attribute, if I recall), which tells OD where to find the password.

And then put the old *reference* back when you're done.

No actual passwords are read or changed.



[ Reply to This | # ]