Date: Mon, 18 Feb 2008 18:26:32 -0500 From: Jaime <secadmin@...il.com> To: john-users@...ts.openwall.com Subject: Re: OT No output from fgdump Have you disabled AV? I prefer gsecdump ( http://www.truesec.com/PublicStore/catalog/Downloads,223.aspx ). I have found during my security testing that you do not need to disable AV for this to work. -Jaime On Feb 18, 2008 2:08 AM, Russell Fulton <r.fulton@...kland.ac.nz> wrote: > There does not seem to be a mailing list for pwdump6 or fgdump so I'll > try here as this is closely related to JtR. > > An admin of one of our domains recently tried dumping hashes from a > domain controller. He logged in as admin and ran fgdump which sat > around for a while and then exited without apparently producing any > output. The AD is set so it does not store LM hashes but does have > standard NTLM (v1 ?) hashes. > > Any idea what is going on. > > Admins of other domains have succeeded in getting hashes from their > ADs but all of them had LM hashes (but not for much longer ;). > Documentation on pwdump6 says that it can dump both LM and NTLM hashes. > > Boy are we having fun with those LM hashes ;) once they see how > easily cracked they are I am having no trouble convincing people to > get rid of them of their ADs. > > Cheers, Russell > > > -- > To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply > to the automated confirmation request that will be sent to you. > >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.