Re: dumping hashes on box w/ Norton AV



Neil wrote:
When I tried to run fgdump against a DC with Norton AV Enterprise
running on it, Norton AV was able to block & flag it. At the time, it
wasn't a big deal (well, it was a good thing, since that meant the
server was that much more secure); but now I'm a bit interested in what
methods could be used to get around these sorts of mechanisms.


Curious - what version of fgdump? 1.5.0 is more evasive when it comes to
AV, and if it's still being picked up, I'm very interested to find out
by what.

--fizzgig

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------