Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 4 Feb 2007 18:43:42 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Windows Domain Account Cracking

Disclaimer: I'm not familiar with Windows.

On Fri, Feb 02, 2007 at 06:15:32PM +0000, Hari Sekhon wrote:
> Ok, googling I found pwdump2 ...

I suggest that you try one of the newer implementations, such as pwdump6:

	http://www.foofus.net/fizzgig/pwdump/

pwdump6 is supposed to resolve the LSASS crash syndrome with DEP - this
is described right on the above web page.

I also have a collection of other PWDUMP tools linked to from here:

	http://www.openwall.com/passwords/microsoft-windows-nt-2000-xp-2003

And there's a recent one that I haven't gotten around to trying out and
listing yet:

	http://reedarvin.thearvins.com/tools.html

(but I expect that you will find pwdump6 to be more mature).

> I even tried disabling DEP for lsass but got the same result...

I am guessing that you did not really disable DEP.  Maybe your change
failed to apply to the existing process or something.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ