On 01/19/2015 02:24 AM, Zaid Arafeh wrote: > If I have the K/M key (which is in the database) and I have the password > for the master key, would that make extracting hashes from the database > easier?
It is possible but not convenient; you would have to write code to do the decryption. > I looked at the keytab file (thnx) , unfortunately keytab files usually > don't store the krbtgt key (which is what I am looking for ) Nothing stops you from extracting a krbtgt key to a keytab. It is true that people do not usually store krbtgt keys in keytabs--but krbtgt keys are also not normally NT hashes; they are normally random and do not correspond to any password. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
