Cachedump is great for retrieving the cached Active Directory credentials from XP machines.
With BigPatch for John the Ripper, these hashes can be broken through dictionary and incremental cracking. However, I'm wondering if anyone has been able to put Rainbowcrack to work on these types of hashes.
cachedump & bigpatch
http://www.off-by-one.net/misc/cachedump.html
Information on the hashing process used on Active Directory credentials is at:
http://www.securiteam.com/tools/5JP0I2KFPA.html
Your help is very much appreciated! It doesn't look like anyone has published this vector before, so cachedump+rainbowcrack is new territory.
Thanks,
kidmystic