Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Tool release: extract Windows credentials from registry hives

From: Brendan Dolan-Gavitt <bdolangavitt () wesleyan edu>
Date: Wed, 20 Feb 2008 21:00:47 -0500
CredDump is a new tool implemented entirely in Python that is capable  
of extracting:

     * LM and NT hashes (SYSKEY protected)
     * Cached domain passwords
     * LSA secrets

It has no dependencies on any part of Windows, and operates directly  
on registry hive files. It is licensed under the GPL and intended to  
be easy to read, so you can find out how various Windows obfuscation  
algorithms work by reading the code. (I will also be posting a series  
of articles explaining the algorithms in detail on my blog in the  
coming weeks).

You can download the tool at:
http://code.google.com/p/creddump/

Or read a more detailed introduction at:
http://moyix.blogspot.com/2008/02/creddump-extract-credentials-from.html

CredDump is based on the hard work of many people, so please to read  
the credits section in the README.

Cheers,
Brendan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: