newbie_mdv Posted September 26, 2007 Share Posted September 26, 2007 hi some dumps aren't working though i was logged in as admin i get in the log file "Access is denied." SAM section messenger LSA secrets Why didn't it work ? Can i fix it ? Thanks in advance Quote Link to comment Share on other sites More sharing options...
GonZor Posted September 26, 2007 Share Posted September 26, 2007 That is generally because your anti virus is blocking the tools that dump this information. Quote Link to comment Share on other sites More sharing options...
trustme Posted September 27, 2007 Share Posted September 27, 2007 Any more info? OS? Payload? In vista some of this information shouldn't be dumped intentionally. Quote Link to comment Share on other sites More sharing options...
newbie_mdv Posted September 28, 2007 Author Share Posted September 28, 2007 i am using Gonzor's Payload on a U3 Kingston ,OS is a Win XP SP2 i tried it on another PC having NAV 2005 & NIS ,logged in as Admin too i just allowed the script and everything went fine and the dumps are all there hmm , don't know why it didn't work on the first PC ! Thanks again Quote Link to comment Share on other sites More sharing options...
GonZor Posted September 28, 2007 Share Posted September 28, 2007 hmm , don't know why it didn't work on the first PC ! Did the first PC have an AV if so which AV ? Quote Link to comment Share on other sites More sharing options...
newbie_mdv Posted September 30, 2007 Author Share Posted September 30, 2007 hmm now i figured it out the first PC was NAV 2007 when i installed NAV 2007 on the second PC it blocked pwdump and all other tools. Quote Link to comment Share on other sites More sharing options...
newbie_mdv Posted October 2, 2007 Author Share Posted October 2, 2007 hi hmm , How does NAV identify pwdump , i mean if i modify anything in the code and compile it again ,it will be a different file .. right ? or i am being naive ? Thanks Quote Link to comment Share on other sites More sharing options...
remkow Posted October 3, 2007 Share Posted October 3, 2007 Crypt the file with a private crypter, that would help And yeah recompiling with edited code sometimes works, but most modern avs see through that, unless you change entire functions.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.