-
Dumpzilla
Extracts the content of a profile directory.
Download the profile directory.
See what we have:
    dumpzilla 84p8ofq6.default --Summary
Use the modules to see details.
-
Grab the SAM and system files:
    %windir%\repair\sam
    %windir%\System32\config\RegBack\SAM
    %windir%\system32\config\SAM
    %windir%\repair\system
    %windir%\System32\config\RegBack\system
    %windir%\system32\config\system
(Re-)run the credential retrievers from the script page.
-
General
After becoming root, do the following to gain additional information.
Copy / break /etc/shadow or SAM
Investigate all /home directories and /root
    ls -lahR /home/
Are there SSH keys?
Investigate all databases and get / break their users and passwords
Check cronjobs/-tabs
Enumerate programs and determine where credentials could be.
Enumerate the user’s mail
Enumerate WWW directories…