Penetration Testing mailing list archives
Re: Password audits
From: Nicolas RUFF <nicolas.ruff () gmail com>
Date: Sat, 11 Nov 2006 15:12:04 +0100
Indeed most problems are coming from DEP being enabled, as pointed out before on the list: http://seclists.org/pen-test/2005/Sep/0229.html To fix this, just replace: alloc(..., PAGE_READWRITE); with: alloc(..., PAGE_EXECUTE_READWRITE); in the source. In my experience, you can also run into trouble when starting PWDUMP from inside a "SYSTEM" shell, or from a Terminal Server (or Citrix) session. If "samdump.dll" is blocked at load time by some antivirus, you will also experience PWDUMP becoming a "dead process" (infinite blocking on ReadPipe()). At the end, I would recommend using Cain (with remote Abel server on the target). It is more stable, DEP-compatible, and not always detected by antivirus. http://www.oxid.it/ Regards, - Nicolas RUFF ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Re: Password audits Nicolas RUFF (Nov 11)