[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <63526F30-FDD6-4920-9798-6D70F1935C6D@wesleyan.edu>
Date: Wed, 20 Feb 2008 21:00:47 -0500
From: Brendan Dolan-Gavitt <bdolangavitt@...leyan.edu>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: Tool release: extract Windows credentials from
registry hives
CredDump is a new tool implemented entirely in Python that is capable
of extracting:
* LM and NT hashes (SYSKEY protected)
* Cached domain passwords
* LSA secrets
It has no dependencies on any part of Windows, and operates directly
on registry hive files. It is licensed under the GPL and intended to
be easy to read, so you can find out how various Windows obfuscation
algorithms work by reading the code. (I will also be posting a series
of articles explaining the algorithms in detail on my blog in the
coming weeks).
You can download the tool at:
http://code.google.com/p/creddump/
Or read a more detailed introduction at:
http://moyix.blogspot.com/2008/02/creddump-extract-credentials-from.html
CredDump is based on the hard work of many people, so please to read
the credits section in the README.
Cheers,
Brendan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists