Dump the sam file (use pwdump) and run a cracker. The most simplistic settings on any cracker will show the blank passwords immediately.
Regards, Jeff -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, April 02, 2007 11:43 AM To: [email protected] Subject: Discovering Active Direcory users with blank passwords Is there a way to discover Active Directory users with blank passwords if I have domain admin privileges and local access to my domain controllers? Best Regards, Igor The preceding email message may be confidential or protected by the attorney-client privilege. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this message in error, please (i) do not read it, (ii) reply to the sender that you received the message in error, and (iii) erase or destroy the message. Legal advice contained in the preceding message is solely for the benefit of the Foley & Lardner LLP client(s) represented by the Firm in the particular matter that is the subject of this message, and may not be relied upon by any other party. Internal Revenue Service regulations require that certain types of written advice include a disclaimer. To the extent the preceding message contains advice relating to a Federal tax issue, unless expressly stated otherwise the advice is not intended or written to be used, and it cannot be used by the recipient or any other taxpayer, for the purpose of avoiding Federal tax penalties, and was not written to support the promotion or marketing of any transaction or matter discussed herein.
