Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: dumping hashes on box w/ Norton AV
From: Teh Fizzgig <fizzgig () foofus net>
Date: Thu, 10 May 2007 20:18:44 -0500

Neil wrote:
When I tried to run fgdump against a DC with Norton AV Enterprise
running on it, Norton AV was able to block & flag it.  At the time, it
wasn't a big deal (well, it was a good thing, since that meant the
server was that much more secure); but now I'm a bit interested in what
methods could be used to get around these sorts of mechanisms.


Curious - what version of fgdump? 1.5.0 is more evasive when it comes to
AV, and if it's still being picked up, I'm very interested to find out
by what.

--fizzgig

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]