Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: LSADump2 Crashing Windows

LSADump2 Crashing Windows

From: oh face <0h.fac3_at_gmail.com>
Date: Fri, 2 Sep 2005 14:41:39 -0400

In my recent experience, LSADump2 has been crashing Windows boxes. I was
able to verify this on fully patched Windows XP and 2003. In further
examination, LSADump2, when executed, killed the "lsass" process, and with
the "winlogon" process still running, the system was forced to reboot. As
far as I know, LSADump2 is utilizing a DLL injection technique to dump the
contents of LSA secrets.

Question:
1. Has anyone had this experience? If so, is there a safe method to execute
this tool?
2. When I tested LSADump2 on various Windows boxes, not all fully patched
boxes were affected by this issue. What configuration of Windows is exactly
causing "lsass" to fail?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Sep 02 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]