On Tue, 2006-05-02 at 21:27 -0400, Michael B Allen wrote: > I have modified pwdump2 [1] to export a "standard" kerberos keytab > file. This utility is called ktexport and you can download it here: > > http://www.ioplex.com/utilities/ > > README.ktexport is inlined below but I just want to stress that currently > the key is the only data within each entry that is actually correct. The > vno and so on are default values that are almost certainly wrong. However, > it turns out that Ethereal doesn't care. So the generated sam.keytab > can be used with Ethereal to decrypt Kerberos tickets. Yeah! The other similar utility is samba4's 'net samdump keytab'. This does the same thing, for the same purpose, but remotely. You must join the domain as a BDC first (net join bdc <domain>). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
This is a digitally signed message part