[foofus-tools] pwdump6

Johny Death johnydeath at hotmail.com
Tue May 25 05:15:18 PDT 2010


Hi Guys,

just arrived in the middle of the thread and it's very interesting stuff - I see Keith has success now which is great.

I'd like to get current opinions regarding best methodology of hash dumping - my last encounter which was several months ago and ended with the DC dropping because of McAfee - yes I've seen the warnings... afterwards.

Will ver3.0 alpha (and production) negate the need to turn off the AV, or would it still be considered better to get the AV disabled for the period of the audit/test?  If this is the case and if part of a pentest, then an agreement would have to be made between customer and tester like 'well I believe I can achieve a hash dump, but a) do you want me to prove it, and b) if you do, then what do you want to do to manage the risk'. 

I read a while ago that Metasploit uses a 'safe' technique now? http://blog.metasploit.com/2010/01/safe-reliable-hash-dumping.html

What does the floor think?

Keep up the good work - it's greatly appreciated


 
 		 	   		  
_________________________________________________________________
http://clk.atdmt.com/UKM/go/197222280/direct/01/
We want to hear all your funny, exciting and crazy Hotmail stories. Tell us now
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.foofus.net/pipermail/foofus-tools-foofus.net/attachments/20100525/9c6d15cd/attachment-0004.htm>


More information about the foofus-tools mailing list