HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 60 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Safely Dumping Hashes from Live Domain Controllers
EH-Net
May 24, 2013, 11:28:13 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Safely Dumping Hashes from Live Domain Controllers  (Read 2574 times)
0 Members and 1 Guest are viewing this topic.
3xban
Hero Member
*****
Offline Offline

Posts: 608


View Profile WWW
« on: November 22, 2011, 11:50:14 AM »
Pretty good article from PaulDotCom site on utilizing Volume Shadow Copies to dump hashes from a live domain controller.

http://pauldotcom.com/2011/11/safely-dumping-hashes-from-liv.html

I was thinking about doing this with a new test box to see how difficult it would be.  I imagine if you are already in the network and have already compromised it then this just might be salt in the wound for the system admins.  Still nifty though.
Logged
Certs: GCWN
(@)Dewser
Ignatius
Jr. Member
**
Offline Offline

Posts: 91


View Profile
« Reply #1 on: November 22, 2011, 12:56:37 PM »
I saw this too and hoped to get time to play around in a virtual environment.  I'll be interested to hear how you get on with it.

There are several comments in LaNMaSteR53.blog about this and, in particular, experiences of folks who have tried it out.
« Last Edit: November 22, 2011, 01:42:26 PM by Ignatius » Logged
3xban
Hero Member
*****
Offline Offline

Posts: 608


View Profile WWW
« Reply #2 on: November 22, 2011, 02:44:42 PM »
It looks fun.  I may try to mess with it this weekend.  Thanks for the blog link!
Logged
Certs: GCWN
(@)Dewser
eth3real
Sr. Member
****
Offline Offline

Posts: 309



View Profile WWW
« Reply #3 on: November 23, 2011, 01:42:37 PM »
I'll definitely be looking into this one. Thanks 3xban! Grin
Logged
Put that in your pipe and grep it!
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.082 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.