Passwords in Active Directory are stored as hashes. In the 90’s and most of the 2000’s, computing power was not enough to crack the hash in a timely fashion. Today, with the high computing power of most devices, this attack is becoming much more common. The thing is, you do not even need to perform a brute-force attack to gain access to the passwords.
Getting access to the hash database (what you will need to get the administrator password) is very easy with the availability of free downloadable tools from the Internet.
To see if you could be vulnerable to this attack, you can perform a test on your network. Running the test will require at least two computers, one being a domain controller and the other being a member server of the domain. You will also need a few free utilities from Truesec – Islsass X86 and RunAsh x86. To get complete instructions, go to tinyurl.com/hash338