Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Cachedump - compatible with Windows Vista/7/2008

From: Agazzini Maurizio <inode () mediaservice net>
Date: Mon, 14 Feb 2011 12:45:34 +0100
Dear List,

I have just developed a Metasploit post exploitation module to obtain
cachedump remotely without injection into LSASS. The code is also
compatible with new version on Microsoft Windows (Vista/7/2008), the
hash can be cracked with John the Ripper patched with the last jumbo
patch (mscash2).

You can find the ruby code here:

http://lab.mediaservice.net/code.php#cachedump

Cheers,

inode

-- 
Maurizio Agazzini                     CISSP, OPST
Senior Security Advisor
Team Manager
@ Mediaservice.net Srl                Tel: +39-011-32.72.100
Via San Bernardino, 17                Fax: +39-011-32.46.497
10141 Torino - ITALY                  http://mediaservice.net

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: