Penetration Testing mailing list archives
Cachedump - compatible with Windows Vista/7/2008
From: Agazzini Maurizio <inode () mediaservice net>
Date: Mon, 14 Feb 2011 12:45:34 +0100
Dear List, I have just developed a Metasploit post exploitation module to obtain cachedump remotely without injection into LSASS. The code is also compatible with new version on Microsoft Windows (Vista/7/2008), the hash can be cracked with John the Ripper patched with the last jumbo patch (mscash2). You can find the ruby code here: http://lab.mediaservice.net/code.php#cachedump Cheers, inode -- Maurizio Agazzini CISSP, OPST Senior Security Advisor Team Manager @ Mediaservice.net Srl Tel: +39-011-32.72.100 Via San Bernardino, 17 Fax: +39-011-32.46.497 10141 Torino - ITALY http://mediaservice.net ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Cachedump - compatible with Windows Vista/7/2008 Agazzini Maurizio (Feb 14)