[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Tool release: extract Windows credentials from registry hives

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Tool release: extract Windows credentials from registry hives
From: Brendan Dolan-Gavitt <bdolangavitt@xxxxxxxxxxxx>
Date: Wed, 20 Feb 2008 21:00:47 -0500

CredDump is a new tool implemented entirely in Python that is capable  
of extracting:

     * LM and NT hashes (SYSKEY protected)
     * Cached domain passwords
     * LSA secrets

It has no dependencies on any part of Windows, and operates directly  
on registry hive files. It is licensed under the GPL and intended to  
be easy to read, so you can find out how various Windows obfuscation  
algorithms work by reading the code. (I will also be posting a series  
of articles explaining the algorithms in detail on my blog in the  
coming weeks).

You can download the tool at:
http://code.google.com/p/creddump/

Or read a more detailed introduction at:
http://moyix.blogspot.com/2008/02/creddump-extract-credentials-from.html

CredDump is based on the hard work of many people, so please to read  
the credits section in the README.

Cheers,
Brendan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Tool release: extract Windows credentials from registry hives
  - From: wac

Prev by Date: [Full-disclosure] Announce: RFIDIOt credit card sub-module: ChAP.py
Next by Date: [Full-disclosure] Advisory
Previous by thread: [Full-disclosure] Announce: RFIDIOt credit card sub-module: ChAP.py
Next by thread: Re: [Full-disclosure] Tool release: extract Windows credentials from registry hives
Index(es):
- Date
- Thread