[foofus-tools] Medusa LMv2 and pwdump6 freezing?

Tue Jun 9 09:05:05 PDT 2009

Hi Per,

Thanks for reply.

My problem is that I don't have access to the GUI - just console
(cmd.exe) access. I tried to stop all AV services (net stop) - but it
stop all services, except one that always fail and the AV is never
completely disable.

Thanks

On Tue, Jun 9, 2009 at 2:18 AM, Per Thorsheim<putilutt at online.no> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> As for your pwdump6 problem with AV software: using the "disable"
> function in several AV products is not enough,they still keep processes
> running that will break your ability to run pwdump6 properly. At least
> that's my experience.
>
> Use the AV disable function, then stop all AV services running on your
> system. Depending on the AV software, this may be one or several
> different services.
>
> Best regards,
> Per Thorsheim
>
>
> Richard Miles wrote:
>> Y0!
>>
>> I use a lot the foofus tools (yes, they are very good :) and I have
>> one doubt and a possible problem to report...
>>
>> - Based on the documentation LMv2 auth method for Medusa appear to be
>> the best for brute force. What is the big difference from LM and LMv2?
>> Is LMv2 case insensitive (like LM)? If yes, this would be awesome -
>> brute force with case insensitive method and supported by all Windows
>> versions is amazing, too good to be true.
>>
>> - I'm using pwdump6 - I'm not using fgfump because it's detected by
>> the AV + Endpoint security and even as Administrator I'm unable to
>> complete disable / uninstall the AV + End point solution. I executed
>> pwdump6 with Administrator accounts and it just freeze (keep running
>> forever), so I tried as SYSTEM and the same happens. Below is a
>> example how I'm using under SYSTEM:
>>
>> C:\WINDOWS>pwdump -o dump.txt localhost
>> pwdump -o hs.txt localhost
>>
>> Service start failed: 2
>> Press return to exit...
>>
>> pwdump6 Version 1.5.0-BETA by fizzgig and the mighty group at foofus.net
>> ** THIS IS A BETA VERSION! YOU HAVE BEEN WARNED. **
>> Copyright 2006 foofus.net
>>
>> This program is free software under the GNU
>> General Public License Version 2 (GNU GPL), you can redistribute it and/or
>> modify it under the terms of the GNU GPL, as published by the Free Software
>> Foundation.  NO WARRANTY, EXPRESSED OR IMPLIED, IS GRANTED WITH THIS
>> PROGRAM.  Please see the COPYING file included with this program
>> and the GNU GPL for further details.
>>
>>
>> C:\WINDOWS>pwdump -o dump.txt localhost
>> pwdump -o tdump.txt localhost
>>
>>
>> It's strange that at first time it failed, but on the second appear to
>> work fine, but it never finish - it keeps running forever. I allowed
>> the process running 2 times for more than 1 hour to be sure about
>> that. I already used pwdump6 in machines with a lot of users and it
>> take at most 15 - 17 minutes.
>>
>> AFAIK, there is not way to enable debug or verbose at pwdump6, there is?
>>
>> So there is any trick / suggestion for me?
>>
>> Thanks
>> _______________________________________________
>> foofus-tools mailing list
>> foofus-tools at lists.foofus.net
>> http://lists.foofus.net/listinfo.cgi/foofus-tools-foofus.net
>>
>>
>>
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.10-svn4880 (MingW32)
>
> iEYEARECAAYFAkouDNYACgkQsXl+Y9DQrvZsXACguvbaM9RdEnRYlh7sYjzfE5zq
> IFgAoL/K7ta3NXfkYdxe3lY6MdT/+Ou1
> =/oDy
> -----END PGP SIGNATURE-----
>
>