From: Danett song (danett18@yahoo.com.br)
Date: Fri May 11 2007 - 10:08:51 EDT
Hello
If you are admin and can dump hashs, you can before it
kill the antivirus software...
cya
--- Neil <neil@horizontheory.com> escreveu:
> When I tried to run fgdump against a DC with Norton
> AV Enterprise
> running on it, Norton AV was able to block & flag
> it. At the time, it
> wasn't a big deal (well, it was a good thing, since
> that meant the
> server was that much more secure); but now I'm a bit
> interested in what
> methods could be used to get around these sorts of
> mechanisms.
>
> How do you slip your tools past the AV when it flags
> and deletes them on
> the spot?
>
> --
> Neil.
>
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
>
------------------------------------------------------------------------
>
>
__________________________________________________
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:47 EDT