Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Password audits

from [Nicolas RUFF] Network Security [Permanent Link]
Subject: Re: Password audits
Date: Sat, 11 Nov 2006 15:12:04 +0100 
Indeed most problems are coming from DEP being enabled, as pointed out
before on the list:
http://seclists.org/pen-test/2005/Sep/0229.html

To fix this, just replace:
alloc(..., PAGE_READWRITE);
with:
alloc(..., PAGE_EXECUTE_READWRITE);
in the source.

In my experience, you can also run into trouble when starting PWDUMP
from inside a "SYSTEM" shell, or from a Terminal Server (or Citrix) session.

If "samdump.dll" is blocked at load time by some antivirus, you will
also experience PWDUMP becoming a "dead process" (infinite blocking on
ReadPipe()).

At the end, I would recommend using Cain (with remote Abel server on the
target). It is more stable, DEP-compatible, and not always detected by
antivirus.
http://www.oxid.it/

Regards,
- Nicolas RUFF

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: Password audits, Nicolas RUFF <=
Previous by Date:  New Article on SecurityFocus: FreeBSD Security Event Auditing (with Robert Watson) interview, Erin Carroll
Next by Date:  Re: Nikto open ports, Radu Oprisan
Previous by Thread:  New Article on SecurityFocus: FreeBSD Security Event Auditing (with Robert Watson) interview, Erin Carroll
Next by Thread:  N-Stalker or Acunetix, exploit1001
Indexes:  [Date] [Thread] [Top] [All Lists]