Penetration Testing mailing list archives

dumping hashes on box w/ Norton AV
From: Neil <neil () horizontheory com>
Date: Thu, 10 May 2007 18:03:57 -0400

When I tried to run fgdump against a DC with Norton AV Enterprise
running on it, Norton AV was able to block & flag it.  At the time, it
wasn't a big deal (well, it was a good thing, since that meant the
server was that much more secure); but now I'm a bit interested in what
methods could be used to get around these sorts of mechanisms.

How do you slip your tools past the AV when it flags and deletes them on
the spot?

