Re: dumping hashes on box w/ Norton AV

Neil wrote:
When I tried to run fgdump against a DC with Norton AV Enterprise
running on it, Norton AV was able to block & flag it. At the time, it
wasn't a big deal (well, it was a good thing, since that meant the
server was that much more secure); but now I'm a bit interested in what
methods could be used to get around these sorts of mechanisms.

Curious - what version of fgdump? 1.5.0 is more evasive when it comes to
AV, and if it's still being picked up, I'm very interested to find out
by what.


This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!