blackMath Posted May 15, 2019

Hi everyone!! Since, from Win10 version 1607, the latest pwdump and other similar tools stopped dumping hashes correctly, we decided to code a new version of pwdump8 that supports the newly AES-encrypted hashes!! No source code was released at this time, but you can find binaries available to download on our site. Enjoy your hashes!!

hazem_2070 Posted February 26, 2020

Thanks for your contribution, it's working perfectly, but it is still unavailable in the Kali repository. I want to ask you: why is the LM hash field still populated with a code on Windows 10, despite Microsoft disabling this hash technique from Vista onward?

blackMath (Author) Posted May 6, 2020

Hi!

1st question: we know about that, and all the tools in the Kali suite, as far as I'm concerned (last time I checked...), dump the wrong hash. Maybe this will be the time I'll write to Offensive Security to add our new (and working) version...

2nd question: it's due to backward compatibility. It's true that LM hashes are disabled by default, but you can still force Win to enable them, and because of that the registry keys holding those hashes keep "a place" for the LM hashes as well, to guarantee backward compatibility. Because we deal with a raw binary registry key, and the program works in terms of simple offsets (where those hashes are stored), we dump the hash anyway. There are 3 possibilities:

- LM is disabled: the space holding the hash is filled with 0s (so we dump what is called "the empty LM hash")
- LM is enabled but password not set: again, filled with 0s, and again we dump the empty hash
- LM is enabled and a password is set: we dump the corresponding hash

So, if the doubt is: do we tell the 1st and the 2nd case apart? The answer is, actually, no. I don't remember if that information is inside the same reg keys we use for the actual dump, or anywhere else... I could fix it up for sure on a "live" dump (on a live system); for an offline dump it depends on it, I won't add more keys to be exported, to maintain the same behavior as the other pwdump versions... I will check!

I hope now everything is clear... For further questions write to us @ info@blackmath.it! I hope you (and I) will soon find pwdump8 in the Kali repo!

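An added example, not part of the thread and not pwdump8's code: a defender-side audit of the LM field discussed in the reply above, which treats the zero-filled slot and the empty LM hash as one indistinguishable "empty" case and flags only accounts that carry a real LM hash. It assumes the classic pwdump `user:rid:lm:nt:::` line layout (pwdump8's exact output is not shown on the page); `classify_lm`, `audit` and all sample lines are constructed for illustration.

```python
import re

# Well-known LM hash of the empty password ("the empty LM hash" in the reply).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
HEX32 = re.compile(r"[0-9a-f]{32}")

def classify_lm(field):
    """Return 'empty', 'stored' or 'malformed' for one LM field."""
    f = field.strip().lower()
    # "LM disabled" and "LM enabled, no password" look identical in a dump:
    # zero-filled slot, empty-LM constant, or a classic NO PASSWORD marker.
    if f == EMPTY_LM or f == "0" * 32 or f.startswith("no password"):
        return "empty"
    if HEX32.fullmatch(f):
        return "stored"  # LM storage enabled and a password is set
    return "malformed"

def audit(dump_text):
    """Return (line_no, user, status) for every line whose LM field is not empty."""
    findings = []
    for lineno, line in enumerate(dump_text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        parts = line.split(":")  # ':' is not valid in Windows account names
        if len(parts) < 4:
            findings.append((lineno, parts[0], "malformed"))
            continue
        status = classify_lm(parts[2])
        if status != "empty":
            findings.append((lineno, parts[0], status))
    return findings

# Constructed sample input; hash values are placeholders, not real credentials.
SAMPLE = """\
Administrator:500:AAD3B435B51404EEAAD3B435B51404EE:FEDCBA9876543210FEDCBA9876543210:::
Guest:501:NO PASSWORD*********************:NO PASSWORD*********************:::
legacy_svc:1001:0123456789ABCDEF0123456789ABCDEF:FEDCBA9876543210FEDCBA9876543210:::
broken:1002:xyz
"""

if __name__ == "__main__":
    for lineno, user, status in audit(SAMPLE):
        print(f"line {lineno}: {user}: LM field {status}")
```

An account reported as `stored` means LM hash storage is enabled for it, which is the setting to turn off and the password to rotate.
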
Archived
This topic is now archived and is closed to further replies.