Thread: update samdump2 please

  1. #1
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default update samdump2 please

    The version shipped with BT4Pre is 1.1.1 and the new version is 2.0.1. The difference is bkhive is now a part of samdump2 so dumping the users is now a 1 step process instead of 2. It also fixes some endianness problems. You can get the source code for samdump2 2.0.1 from http://sourceforge.net/project/showf...roup_id=133599

    I thought you might want to know for BT4.
    I like the bleeding edge, but I don't like blood loss

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Done. Thanks for reminding me.

  3. #3
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default

    I wrote code for samdump 2.0.1 that will dump cached credentials for XP and 2000. I don't have NT 4 anymore; it should work but I don't know for sure. I haven't found the algorithm for Vista yet. I tried to get the code upstream but the developers didn't get back to me. It didn't help that I was sick at the time so I wasn't following up like normal.

    Did you want it?
    I like the bleeding edge, but I don't like blood loss

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Yes, if it's in the form of a patch and I can review the code I would gladly take it. I actually waited so long on this one because previously we were using the samdump2 package from the main repo, which we like to do when it's possible. It's a pain for us to make a new package with the same name as one in the repo, but in many cases we have to because, frankly, Ubuntu sucks big time when it comes to updates. Feel free to send it to me via email. You can get my address from the about us page on remote-exploits main site if you don't already have it. Thanks.

  5. #5
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default

    I sent you the source code for what I made. It isn't in patch format. I tried to minimize changes to the bkhive, hive, list, and samdump2 files. I added the lsasecret and nklm files.
    If you have any questions or problems feel free to email me.
    I like the bleeding edge, but I don't like blood loss
