Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: dumping hashes on box w/ Norton AV
From: Danett song <danett18 () yahoo com br>
Date: Fri, 11 May 2007 11:08:51 -0300 (ART)

Hello

If you are admin and can dump hashs, you can before it
kill the antivirus software...

cya

--- Neil <neil () horizontheory com> escreveu:

When I tried to run fgdump against a DC with Norton
AV Enterprise
running on it, Norton AV was able to block & flag
it.  At the time, it
wasn't a big deal (well, it was a good thing, since
that meant the
server was that much more secure); but now I'm a bit
interested in what
methods could be used to get around these sorts of
mechanisms.

How do you slip your tools past the AV when it flags
and deletes them on
the spot?

-- 
Neil.



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020

------------------------------------------------------------------------




__________________________________________________
Fale com seus amigos  de gra├ža com o novo Yahoo! Messenger 
http://br.messenger.yahoo.com/ 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]