|
Title: Safely Dumping Hashes from Live Domain Controllers Post by: 3xban on November 22, 2011, 11:50:14 AM Pretty good article from PaulDotCom site on utilizing Volume Shadow Copies to dump hashes from a live domain controller.
http://pauldotcom.com/2011/11/safely-dumping-hashes-from-liv.html (http://pauldotcom.com/2011/11/safely-dumping-hashes-from-liv.html) I was thinking about doing this with a new test box to see how difficult it would be. I imagine if you are already in the network and have already compromised it then this just might be salt in the wound for the system admins. Still nifty though. Title: Re: Safely Dumping Hashes from Live Domain Controllers Post by: Ignatius on November 22, 2011, 12:56:37 PM I saw this too and hoped to get time to play around in a virtual environment. I'll be interested to hear how you get on with it.
There are several comments in LaNMaSteR53.blog (http://lanmaster53.com/2011/11/safely-dumping-hashes-from-live-domain-controllers/#comments) about this and, in particular, experiences of folks who have tried it out. Title: Re: Safely Dumping Hashes from Live Domain Controllers Post by: 3xban on November 22, 2011, 02:44:42 PM It looks fun. I may try to mess with it this weekend. Thanks for the blog link!
Title: Re: Safely Dumping Hashes from Live Domain Controllers Post by: eth3real on November 23, 2011, 01:42:37 PM I'll definitely be looking into this one. Thanks 3xban! ;D
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |