摘要:
下载NTDSXhttp://www.ntdsxtract.com/下载libesedbhttp://code.google.com/p/libesedb/获得ntds.dit和SYSTEM文件: 2008和2012的域控用ntdsutil命令,网上有。2008以下的域控,创建磁盘的shadow copy,然后拷贝ntds.dit和system。 有两个工具可共选择:Vssown.vbs 网上都有,很简单。 windows的VSSSDK去官网上下载,是个SDK需要安装,安装完后VSSSDK72\TestApps\vshadow目录下有源码和bin文件vshadow.exe,bin文件可以直接用, 阅读全文
摘要:
Recently, Mark Baggett and I presented material on some research we've been conducting for several months in a talk called "Lurking in the Shadows". The basis of the talk and the purpose for our research is that there are some really cool things you can do with Volume Shadow Copies in 阅读全文
摘要:
一、获取域内信息1、列出该域内所有机器名(dsquery computer domainroot -limit 65535 && net group "domain computers" /domain)2、列出该域内所有用户名(dsquery user domainroot -limit 65535 && net user /domain)3、列出该域内网段划分 (dsquery subnet)4、列出该域内分组 (dsquery group && net group /domain)5、列出该域内组织单位 (dsquery 阅读全文