Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 27 Jan 2013 19:13:00 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Hash from a Windows 7

On Sun, Jan 27, 2013 at 1:16 PM,  <madfran@...-ezine.org> wrote:
> Yes. I know,... but this is the data that I obtain from pwdump7.
>
> As I said in other mail, I am trying to report the issue to Tarasco.
It may not be removing the SYSKEY encryption like it should. I'd try
Cain&Abel from oxid.it. Also if your AV is picking up on gesecdump and
not pwd7 then maybe it won't pick up on cain, but most AV's do.
Security tools are often dual purpose, if you make an exception for
Cain or another tool, it's not the end of the world, just make sure
you remove the exception. You don't have to turn AV completely off,
most allow you to make exceptions. If you have a machine you can
install cain on, and remove your HD, you can then point cain to the
system and sam file's so it can get the boot key and decrypt the sam's
syskey and then dump the hashes.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.