
Safely Dumping Hashes from Live Domain Controllers


Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Tue Nov 22, 2011 12:50 pm


Pretty good article from PaulDotCom site on utilizing Volume Shadow Copies to dump hashes from a live domain controller.

http://pauldotcom.com/2011/11/safely-dumping-hashes-from-liv.html

I was thinking about doing this with a new test box to see how difficult it would be.  I imagine if you are already in the network and have already compromised it then this just might be salt in the wound for the system admins.  Still nifty though.
Certs: GCWN
(@)Dewser

Ignatius

Jr. Member

Posts: 91

Joined: Sun Mar 22, 2009 9:51 am

Post Tue Nov 22, 2011 1:56 pm

Re: Safely Dumping Hashes from Live Domain Controllers

I saw this too and hoped to get time to play around in a virtual environment.  I'll be interested to hear how you get on with it.

There are several comments in LaNMaSteR53.blog about this and, in particular, experiences of folks who have tried it out.
Last edited by Ignatius on Tue Nov 22, 2011 2:42 pm, edited 1 time in total.

Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Tue Nov 22, 2011 3:44 pm

Re: Safely Dumping Hashes from Live Domain Controllers

It looks fun.  I may try to mess with it this weekend.  Thanks for the blog link!
Certs: GCWN
(@)Dewser

eth3real

Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Wed Nov 23, 2011 2:42 pm

Re: Safely Dumping Hashes from Live Domain Controllers

I'll definitely be looking into this one. Thanks 3xban! ;D
Put that in your pipe and grep it!
