creddump 1.7
Updated on 20 Aug 2011
By Anthony Buckner
By Anthony Buckner
76 KB Safe To Install
Advertising
Specifications
License:
Freeware (Free)
Updated:
Downloads:
629
Platform:
Windows XP / 2003
Publisher:
Massimiliano Montoro(more)
Website:
Unknown
User Reviews:
Other versions:
Do you like
creddump?
creddump?
Publisher's Descriptions
creddump is a software application that will dump passwords from user's credential files and show them in they're cleartext form.
Credential Manager is a new SSO solution that Microsoft offers in Windows Server 2003 and Windows XP to provide a secured store for credential information.
Credential Manager allows you to input user name and passwords for various network resources and applications once, and then have the system automatically supply that information for subsequent visits to those resources without your intervention.
One example is the command:
net use * computer_nameshare_name /user:user_name password /savecred
Credential Manager stores user's credentials in the following files:
- Enterprise Credential Set:
Documents and Settings%Username%Application DataMicrosoftCredentials%UserSID%Credentials
- Local Credential Set:
Documents and Settings%Username%Local SettingsApplication DataMicrosoftCredentials%UserSID%Credentials
On WindowsXP, the application "Stored User Names and Passwords", that can be found under Start-> Settings-> Control Panel-> User Accounts-> ¬count% -> Manage my network passwords, allows you to manage this kind of credentials.
HOW IT WORKS:
The program follows the same methodology used by Todd Sabin in his PWDUMP2 program to decrypt credential files. It uses the "DLL injection" technique to run a thread in the same security context of the Local Security Authority Subsystem process.
The thread's executable code must first be copied to the address space of LSASS process and this requires an account with the SeDebugPrivilege user right.
By default only Administrators have this right. Once injected and executed, the thread will run with the same access privileges of the Local Security Authority Subsystem and will use the native undocumented LsaICryptUnprotectData API from LSASRV.DLL to decrypt the credentials file.
The thread stores the output of this API in a temporary file named cred.txt located in the same directory of the program. Finally, user's credentials are dumped and put ont the screen.
Credential Manager can store various kind of passwords, they can be saved as MultiByte or WideChar strings, security BLOBS and certificates too. The choice of the final encryption method is left to the user.
The program will try to recognize plaintext passwords stored as MultiByte strings or WideChar strings, and will also decode Passport and Standard (no entropy) credential BLOBS originally stored using the CryptProtectData API.
USAGE:
Copy the executable files (creddump.exe, creddump.dll) in the same directory and type creddump at the command prompt.
Credential Manager is a new SSO solution that Microsoft offers in Windows Server 2003 and Windows XP to provide a secured store for credential information.
Credential Manager allows you to input user name and passwords for various network resources and applications once, and then have the system automatically supply that information for subsequent visits to those resources without your intervention.
One example is the command:
net use * computer_nameshare_name /user:user_name password /savecred
Credential Manager stores user's credentials in the following files:
- Enterprise Credential Set:
Documents and Settings%Username%Application DataMicrosoftCredentials%UserSID%Credentials
- Local Credential Set:
Documents and Settings%Username%Local SettingsApplication DataMicrosoftCredentials%UserSID%Credentials
On WindowsXP, the application "Stored User Names and Passwords", that can be found under Start-> Settings-> Control Panel-> User Accounts-> ¬count% -> Manage my network passwords, allows you to manage this kind of credentials.
HOW IT WORKS:
The program follows the same methodology used by Todd Sabin in his PWDUMP2 program to decrypt credential files. It uses the "DLL injection" technique to run a thread in the same security context of the Local Security Authority Subsystem process.
The thread's executable code must first be copied to the address space of LSASS process and this requires an account with the SeDebugPrivilege user right.
By default only Administrators have this right. Once injected and executed, the thread will run with the same access privileges of the Local Security Authority Subsystem and will use the native undocumented LsaICryptUnprotectData API from LSASRV.DLL to decrypt the credentials file.
The thread stores the output of this API in a temporary file named cred.txt located in the same directory of the program. Finally, user's credentials are dumped and put ont the screen.
Credential Manager can store various kind of passwords, they can be saved as MultiByte or WideChar strings, security BLOBS and certificates too. The choice of the final encryption method is left to the user.
The program will try to recognize plaintext passwords stored as MultiByte strings or WideChar strings, and will also decode Passport and Standard (no entropy) credential BLOBS originally stored using the CryptProtectData API.
USAGE:
Copy the executable files (creddump.exe, creddump.dll) in the same directory and type creddump at the command prompt.
Do you like creddump
creddump Disclamer
Please be aware FindMySoft.com accepts no responsibility for the file you are downloading. The same applies to the information provided about the software products listed.
We do not allow the inclusion of any creddump serial, keygen or crack and we disclaim any liability for the inappropriate use of creddump.
FindMySoft advises that creddump should be only used in accordance with the rules of intellectual property and the existing Criminal Code.
For your own protection ALWAYS check downloaded files for viruses.
We do not allow the inclusion of any creddump serial, keygen or crack and we disclaim any liability for the inappropriate use of creddump.
FindMySoft advises that creddump should be only used in accordance with the rules of intellectual property and the existing Criminal Code.
For your own protection ALWAYS check downloaded files for viruses.
Advertising
Popular News
The “Who Touched my Phone” app will show you who snooped on your iPhone while you were away.
The Suspend Background Tabs add-on will prevent background tabs from running periodical actions, thus improving the browser’s performance and preventing unnecessary CPU load.
Your Rating
1.0
out
of
5
of
5
Rated By
1 Users
1 Users
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
creddump
HTML Linking Code
HTML Linking Code
Latest Reviews