Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 18 Feb 2008 18:26:32 -0500
From: Jaime <secadmin@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: OT No output from fgdump

Have you disabled AV? I prefer gsecdump (
http://www.truesec.com/PublicStore/catalog/Downloads,223.aspx ).  I have
found during my security testing that you do not need to disable AV for this
to work.

-Jaime

On Feb 18, 2008 2:08 AM, Russell Fulton <r.fulton@...kland.ac.nz> wrote:

> There does not seem to be a mailing list for pwdump6 or fgdump so I'll
> try here as this is closely related to JtR.
>
> An admin of one of our domains recently tried dumping hashes from a
> domain controller.  He logged in as admin and ran fgdump which sat
> around for a while and then exited without apparently producing any
> output.  The AD is set so it does not store LM hashes but does have
> standard NTLM (v1 ?) hashes.
>
> Any idea what is going on.
>
> Admins of other domains have succeeded in getting hashes from their
> ADs but all of them had LM hashes (but not for much longer ;).
> Documentation on pwdump6 says that it can dump both LM and NTLM hashes.
>
> Boy are we having fun with those LM hashes ;)  once they see how
> easily cracked they are I am having no trouble convincing people to
> get rid of them of their ADs.
>
> Cheers, Russell
>
>
> --
> To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
> to the automated confirmation request that will be sent to you.
>
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.