View Issue Details

IDProjectCategoryView StatusLast Update
0001149Kali Linux[All Projects] New Tool Requestspublic2014-04-15 19:34
Reporterg0tmi1k Assigned Todookie  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version 
Target VersionFixed in Version1.0.7 
Summary0001149: fgdump
DescriptionName: fgdump
Homepage: http://foofus.net/goons/fizzgig/fgdump/
Download: http://www.foofus.net/fizzgig/fgdump/fgdump-2.1.0.zip
Description: A utility for dumping passwords on Windows NT/2000/XP/2003 machines

Additional Informationfgdump was born out of frustration with current antivirus (AV) vendors who only partially handled execution of programs like pwdump. Certain vendors' solutions would sometimes allow pwdump to run, sometimes not, and sometimes lock up the box. As such, we as security engineers had to remember to shut off antivirus before running pwdump and similar utilities like cachedump. Needless to say, we're forgetful sometimes...

So fgdump started as simply a wrapper around things we had to do to make pwdump work effectively. Later, cachedump was added to the mix, as were a couple other variations of AV. Over time it has grown, and continues to grow, to support our assessments and other projects. We are beginning to use it extensively within Windows domains for broad password auditing, and in conjunction with other tools (ownr and pwdumpToMatrix.pl) for discovering implied trust relationships.

fgdump is targetted at the security auditing community, and is designed to be used for good, not evil. :) Note that, in order to effectively use fgdump, you're going to need high-power credentials (Administrator or Domain Administrator, in most cases), thus limiting its usefulness as a hacking tool. However, hopefully some of you other security folks will find this helpful.

Activities

dookie

2014-04-15 19:34

administrator   ~0001702

Incorporated fgdump in windows-binaries_0.4-0kali1. It will be in the repos soon.

Thanks for the suggestion.

Issue History

Date Modified Username Field Change
2014-04-12 09:23 g0tmi1k New Issue
2014-04-15 19:34 dookie Note Added: 0001702
2014-04-15 19:34 dookie Status new => resolved
2014-04-15 19:34 dookie Fixed in Version => 1.0.7
2014-04-15 19:34 dookie Resolution open => fixed
2014-04-15 19:34 dookie Assigned To => dookie
2014-05-12 17:16 xploitx Issue cloned: 0001215