Home page logo
/

metasploit logo Metasploit mailing list archives

Re: Hashdump
From: Jonathan Cran <jcran () 0x0e org>
Date: Fri, 16 Apr 2010 14:27:10 -0400

see HD's blog post from Jan 1
http://blog.metasploit.com/2010/01/safe-reliable-hash-dumping.html for
background info. the registry extraction method (linked in the blog) is
handy.

jcran

On Fri, Apr 16, 2010 at 1:47 PM, Matt Gardenghi <mtgarden () gmail com> wrote:

Interesting.  That technique obtained the Administrator and Guest hashes.
 There are other users on the box and not all of them are domain accounts.
 Still it was better then what I had been getting.

Matt


On 4/16/2010 9:39 AM, HD Moore wrote:

On 4/16/2010 7:57 AM, Matt Gardenghi wrote:


Why would this be failing?  It seems as if MS has changed something to
fight back.  Also, I've been unable to open a shell on the box, once
I've elevated my privs to system: execute -f cmd.exe -c -t .

Any pointers would be helpful.  Thanks.


Try "run hashdump" to use the registry method, this only supports local
accounts and not domains right now.
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework




-- 
Jonathan Cran
jcran () 0x0e org
515.890.0070
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault