Security Dashboard
fgdump "the password hash knife" upgraded to 2.0.0
Sunday 27 April 2008
fgdump is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories.Major changes that come with this release 2.0:
fgdump will now detect 64-bit targets and report them as such
64-bit pwdump and cachedump will be used when the target is detected as 64-bit
Fixed a problem when connecting to some Samba servers where RegQueryValueEx would not behave as expected
fgdump will now generate a session ID during each run - used to correlate failed logs and regular logs
Added command line to log file
Added session ID to log file
Created a new file with the format (session-id).failed which contains greppable data on failed hosts
A log file is always generated of the format (session-id).fgdump-log
"-l "will now override the default log name.
Added -a option to prevent tampering with AV. This is useful if you know AV is not picking it up, you want to tamper with the target as little as possible
POSTSCRIPTUM
RELATED ARTICLES
fgdump, Local auditing, Password Cracking, 8 May 2008 : fgdump "Mass Password Auditing Tool " version 2.1.0 released27 April 2008 : fgdump "the password hash knife" upgraded to 2.0.031 October 2007 : Fgdump - passwords dumping utility - v1.7 released
