Re: SAM user dump

From: frank boldewin (frank.boldewin@gmx.de)
Date: Sat Sep 17 2005 - 04:37:43 EDT

• Next message: Murali Raju: "Re: hopfake question."
• Previous message: Paul Robertson: "Re: hopfake question."
• In reply to: DokFLeed: "SAM user dump"
• Next in thread: Wyatt Neal: "RE: SAM user dump"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

i usually use pwdump for dumping sam hashes from a box.
depending on the version pwdump can dump locally and remote,
eg pwdump2 works locally and pwdump3 by using a remote machinename.

----- Original Message -----
From: "DokFLeed" <dokfleed@dokfleed.net>
To: <pen-test@securityfocus.com>
Sent: Friday, September 16, 2005 4:33 PM
Subject: SAM user dump

> Hey,
> I am looking for a way to dump the SAM hashes by USER account. assume the
> box doesn't have CD or Floppy to boot from. No repair files , or Registry
> SAM hashes available.
>
> any tools to dump the hashes for user from a cmd console
> or should we start coding one !
>
> DokFLeed
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are futile against web application hacking. Check your website for
> vulnerabilities to SQL injection, Cross site scripting and other web
> attacks before hackers do! Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Murali Raju: "Re: hopfake question."
• Previous message: Paul Robertson: "Re: hopfake question."
• In reply to: DokFLeed: "SAM user dump"
• Next in thread: Wyatt Neal: "RE: SAM user dump"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:55 EDT