[foofus-tools] fgdump - Against a remote Windows 7

John Strand john at blackhillsinfosec.com
Mon Mar 25 11:53:02 PDT 2013


I know it is not an answer to your question..

But we have been using Mimikatz to great effect:

http://pauldotcom.com/2012/02/dumping-cleartext-credentials.html

On Mon, Mar 25, 2013 at 10:35 AM, Rich Rumble <richrumble at gmail.com> wrote:

> On Sun, Mar 24, 2013 at 2:47 AM, madfran at iies.es <madfran at iies.es> wrote:
>
>> Hi,
>>
>> I am testing fgdump 3.0.0 in remote mode
>> Scenario.
>> - fgdump is launched from a Windows 7 Professional- 32 bit
>> - The target is a Windows 7 Professional - 64 bit
>> - I know both Administrator password and both hash
>>
>> Two problems,
>> - fgdump aws not able to  open the cahe
>> - The dump of the hash is not correct
>>
>> Solution for this issue?
>>
> The tool (pw/fgdump) hasn't been updated in some time, but I'd wager it's
> the same issue many similar hash extractors have faced since windows 7 came
> out:
> https://media.defcon.org/dc-20/presentations/Reynolds/DEFCON-20-Reynolds-Stamp-Out-Hash-Extraction.pdfAccording to that pdf, FGDump was being worked on...
> -rich
>
> _______________________________________________
> foofus-tools mailing list
> foofus-tools at lists.foofus.net
> http://lists.foofus.net/listinfo.cgi/foofus-tools-foofus.net
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.foofus.net/pipermail/foofus-tools-foofus.net/attachments/20130325/d1b117f7/attachment-0004.htm>


More information about the foofus-tools mailing list