[foofus-tools] All in one (pwdump6, fgdump, medusa).

[Richard Miles]

Hi Ron,

Thanks for reply.

> Besides what jmk said, also note that Vista and above (2008, 7, etc) disable
> Lanman by default, you'll only get NTLM.

Really bad.

> You can use the PTH program "iam.exe", the Samba patch works, Metasploit's
> windows/smb/psexec payload, or my Nmap scripts (in Nmap 4.85beta3 and
> higher), depending on what you're trying to do.

I'm unable of use "iam.exe" it is automatic deleted from the system
when I copy it, I think it's the norton AV. if I stop all services
with name symantec and copy a version packed with upx it is not
deteled, but when I try execute, it return "access denied".

This AV appear to be hard to fight. Any clue?

My goal is get a shell at the system. The problem is that the box I'm
using to lunch attacks is a very old linux, all old libs, etc. Most
app do not compile or work.

Does this psexec from metasploit run with pass the hash? Does it run
in metasploit version 2? If yes, can you give me some link?

And what about your nmap script?

> Hope that helps!
> Ron

Thanks