DUMPING HASHES IN MEMORY

This process injects a DLL into the LSASS system process or say parses the memory for specific patterns and inspect these memory pages content.

This can lead to a Blue Screen of Death (BSoD) condition following a crash of the LSASS process therefore this action is not recommended on production environments.

The following screen-shot shows the dump of SAM users with gsecdump on a Windows Server 2003 SP2 32-bit.

Use gsecdump.exe -s > dump.txt to dump into text file.


You can crack hash With Cain or online here


Password hashes dump tools

Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • IDS, IPS AND FIREWALL EVASION USING NMAP
    NIDS – Network Intrusion Detection System   • It Uses a network tap, span port, or hub to collect packets on the network  • Attempts t...
  • PRIVILEGE ESCALATION
    WINDOWS 8.1 PRIVILEGE ESCALATION BY BYPASSING UAC PHYSICALLY This tool works as you can see in the picture in win 8.1, but it's li...
  • ALL ABOUT DNS
    Domain Name Servers (DNS) are the Internet's equivalent of a phone book. They maintain a directory of domain names and translate them ...
  • FOOTPRINTING
    Footprinting  (Also Known As Reconnaissance) Is The Technique Used For Gathering Information About Computer Systems And The Entit...
  • HARDWARE SECURITY
    Hardware security is vulnerability protection that comes in the form of a physical device rather than software that is installed on the ...
  • NMAP CHEAT SHEET
    Target Specification 192. 168. 100. 1-50  IP Range 192. 168. 100. 1/24  CIDR Spec. -iL Filename         IP Addr File  -iR...
  • INSTALLING PRESISTENCE BACKDOOR IN WINDOWS
    USING METASPLOIT  windows/local/s4u_persistence  windows/local/vss_persistence  windows/local/registry_persistence  windows/manage...