CacheDump: recovering cached password hashes on Windows
Handy pen testing tool. Can be used to dump the hashes for cached passwords which windows holds so that you can logon to your local machine if the domain controllers not available or you're not on the network (eg, laptops)
One attack using this I've seen suggested is to persuade a network admin to log onto a machine you control then you can use this to get their password (of course you could just use something like this instead.
Posted by rorym at April 21, 2005 9:04 PM | TrackBack