Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Offline sam dump?
From: "Erik Birkholz" <erik () foundstone com>
Date: Wed, 28 Jan 2004 19:35:32 -0800

Better yet, why are you trying to dump sam as a non-admin?  Are you interactive on the box as a user or something?

(Msg from BlackBerry Wireless Handheld)
Erik Pace Birkholz - CISSP, MCSE
Foundstone, Inc.
Strategic Security

Read Special Ops and mount an assault to eradicate network negligence today. www.SpecialOpsSeries.com

[Tel] 949.297.5591
[Cel] 323.252.5916
[Fax] 949.297.5575
[pgp] https://www.foundstone.com/pgpkeys/erik-birkholz.asc

-----Original Message-----
From: Mark Melonson <markmelonson () hotmail com>
To: pen-test () securityfocus com <pen-test () securityfocus com>
Sent: Tue Jan 27 17:33:32 2004
Subject: Offline sam dump?


I'm conducting a small scale pen-test for a client... I have conducted a 
remote assesment and am now starting on internal testing. They are using 
fully patched Win2k Pro boxes, with WinXPs scattered amogsnt the network 
(Win2k Servers). I know about pwdump2-3e, but need to dump the SAM without a 
local Admin account. I have used the Linux bootdisk method to rewrite the 
hash, but I need something to use with John. Thanx...


Rethink your business approach for the new year with the helpful tips here. 



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]