Go Back   Computer Forums > General Computing > Networking | DNS
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 10-20-2006, 10:39 PM   #1
Beta Member
 
Join Date: Oct 2006
Posts: 1
Default What really happens when you login to a Network

From the when you type in your user name and password and click "ok" to when you are presented with your active desktop what happens? How are the passwords transfered... I know that local passwords are stored in the SAM in the registry, but where are the remote passwords stored? What encryption methods are posssible? How might these passwords be extracted? Could I view the shares on these domain computers?

Please be technical...

If you have a website you know of, inform me.

P.S. : I'm talking about a local LAN.

~Professor
__________________

ipndrmath is offline   Reply With Quote
Old 10-25-2006, 03:47 PM   #2
Daemon Poster
 
Join Date: Mar 2005
Posts: 825
Default Re: What really happens when you login to a Network

For someone who uses the signature ~Professor, shouldn't we be asking you this?
__________________

CrossCech is offline   Reply With Quote
Old 10-25-2006, 03:55 PM   #3
Golden Master
 
DJ-CHRIS's Avatar
 
Join Date: Apr 2006
Posts: 5,203
Send a message via AIM to DJ-CHRIS Send a message via MSN to DJ-CHRIS Send a message via Yahoo to DJ-CHRIS
Default Re: What really happens when you login to a Network

Quote:
Originally Posted by ipndrmath
From the when you type in your user name and password and click "ok" to when you are presented with your active desktop what happens? How are the passwords transfered... I know that local passwords are stored in the SAM in the registry, but where are the remote passwords stored? What encryption methods are posssible? How might these passwords be extracted? Could I view the shares on these domain computers?

Please be technical...

If you have a website you know of, inform me.

P.S. : I'm talking about a local LAN.

~Professor
The passwords are stored on the domain controllers remote SAM. If you have a good reason to figure this stuff out i'll help you over msn or aim.

Password extraction would involve connecting to the remote admin$ or c$ share and stealing the passwords, however an admin (Or poweruser too, I believe) account can only do this.

No encrpytion, LANMAN2 and Kerebros are possible encryption method's.

Viewing shares is easy on domain computers, I use a program like Cain & Abel to detect every single remote share on a computer, as well as usernames and groups usually.
DJ-CHRIS is offline   Reply With Quote
Old 10-25-2006, 04:24 PM   #4
In Runtime
 
Denier-of-Soup's Avatar
 
Join Date: Jun 2004
Posts: 130
Send a message via AIM to Denier-of-Soup Send a message via MSN to Denier-of-Soup
Default Re: What really happens when you login to a Network

Quote:
Originally Posted by CrossCech
For someone who uses the signature ~Professor, shouldn't we be asking you this?
Would you expect an electrician to be able to perform open heart surgery? No? Why not?
Denier-of-Soup is offline   Reply With Quote
Old 10-25-2006, 06:26 PM   #5
Fully Optimized
 
UK31337's Avatar
 
Join Date: Feb 2005
Posts: 2,776
Default Re: What really happens when you login to a Network

Quote:
Originally Posted by DJ-CHRIS
The passwords are stored on the domain controllers remote SAM. If you have a good reason to figure this stuff out i'll help you over msn or aim.

Password extraction would involve connecting to the remote admin$ or c$ share and stealing the passwords, however an admin (Or poweruser too, I believe) account can only do this.

No encrpytion, LANMAN2 and Kerebros are possible encryption method's.

Viewing shares is easy on domain computers, I use a program like Cain & Abel to detect every single remote share on a computer, as well as usernames and groups usually.
You're wrong in one respect - NT based Domain Controllers don't use SAM, they use something stronger (can't remember offhand what it is).

When you log into the system, Windows encrypts your password using a pre-defined encryption algorithm (possibly something like NTLM), and the hash is sent rather than the original plaintext password. If the hash stored against your username matches the hash your machine sent, then it's a successful login, and I think a login token is sent back, and your machine downloads your personal settings etc.

Although you should really know this if you're supposed to be teaching folk how to do it.
__________________
Master of common sense. If you don't like it, stop reading.
UK31337 is offline   Reply With Quote
Old 10-25-2006, 07:13 PM   #6
Golden Master
 
DJ-CHRIS's Avatar
 
Join Date: Apr 2006
Posts: 5,203
Send a message via AIM to DJ-CHRIS Send a message via MSN to DJ-CHRIS Send a message via Yahoo to DJ-CHRIS
Default Re: What really happens when you login to a Network

I guess your right, the passwords on a domain controller would be stored encrypted inside the directory right?
DJ-CHRIS is offline   Reply With Quote
Old 11-01-2006, 01:11 AM   #7
In Runtime
 
Join Date: Aug 2006
Posts: 117
Default Re: What really happens when you login to a Network

the password is not sent over the network. An encrypted hash of the password is sent (its salted)
__________________

bilbus is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 10:25 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0