Good day pen-test folks,
I am pleased to announce the release of pwdump6 1.5.0 as well as fgdump 1.5.0
at the following locations:
http://www.foofus.net/fizzgig/fgdump
http://www.foofus.net/fizzgig/pwdump
For those unfamiliar with the tools, allow me to briefly summarize.
pwdump6 is an updated version of the classic Windows password hash dumper
pwdump3e. It has been updated to circumvent DEP which caused crashes on newer
operating systems, and has also had several features added to make it more
usable.
fgdump is a more powerful version of pwdump6 that performs cached credential
dumps of a target host as well as stopping several brands of antivirus while
the dumps are running. It is also fully multi-threaded and supports several
means of targeting large numbers of hosts. I recommend using fgdump for most
pen-test activities, as it has served us well over the past couple of years.
Version 1.5.0 of both programs takes advantage of some changes which makes them
less likely to be detected by antivirus, at least as of today. This will be
particularly helpful to those of you dealing with recent, more aggressive AV
solutions. I have also updated the README file for pwdump6 to give some
examples, as it seems some folks were having a hard time figuring out how to
get started with it.
As always, I welcome feedback and suggestions, and am certainly willing to help
you troubleshoot if you find yourself facing problems.
Enjoy!
--fizzgig
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
|