Dump Windows System Info

When you were asked to collect all Windows system information such as list of users, services, software installed and its version, Windows update history, etc..probably you wanted to see these tools:

System Information Collector

WinUpdatesList v1.31
WinAudit Freeware v2.28.2

SAM/Password Extractor

pwdump7* ( v7.1 ) (detected as HackTool/Possible Unwanted Application)
FGDump* (detected as HackTool/Possible Unwanted Application)
Offline NT Password & Registry Editor by Petter Nordahl-Hagen (must be done in offline mode/reboot the system)

Note:If you familiar with reverse engineering, make those HackTool/PUA undetectable is the best choice 😀

or

Using Metasploit and attack your target system. Meterpreter payload contains lot of user scripts that can be useful to dig system info. I suggest the attack against Internet Explorer since it may not harm the system/service running.

J. Dravet wrote various techniques in order to retrieve the passwords, and of course it depends on your goal, use it wisely.

Good luck 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About Spentera

We are specializing in penetration test, vulnerability assessment, computer forensics, as well as intrusion analyst and malware analysis. Customers can contact us directly at contact[at]spentera[dot]id, or use Contact Our Team menu on the sidebar.