I have just developed a Metasploit post-exploitation module to obtain
cachedump remotely without injection into LSASS. The code is also
compatible with new versions of Microsoft Windows (Vista/7/2008); the
hash can be cracked with John the Ripper patched with the last jumbo
patch (mscash2).
You can find the Ruby code here:
http://lab.mediaservice.net/code.php#cachedump
Cheers,
inode
--
Maurizio Agazzini CISSP, OPST
Senior Security Advisor
Team Manager
@ Mediaservice.net Srl Tel: +39-011-32.72.100
Via San Bernardino, 17 Fax: +39-011-32.46.497
10141 Torino - ITALY http://mediaservice.net
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.