Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/zcgonvh/NTDSDumpEx
NTDS.dit offline dumper with non-elevated
https://github.com/zcgonvh/NTDSDumpEx
Last synced: 21 days ago
JSON representation
NTDS.dit offline dumper with non-elevated
- Host: GitHub
- URL: https://github.com/zcgonvh/NTDSDumpEx
- Owner: zcgonvh
- License: gpl-2.0
- Created: 2017-02-22T17:01:38.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2018-01-17T16:08:18.000Z (almost 7 years ago)
- Last Synced: 2024-08-05T17:24:11.011Z (4 months ago)
- Language: C
- Size: 155 KB
- Stars: 212
- Watchers: 8
- Forks: 70
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - zcgonvh/NTDSDumpEx - NTDS.dit offline dumper with non-elevated (C)
README
# NTDSDumpEx
NTDS.dit offline dumper with non-elevated
### Usage
ntdsdumpex.exe <-d ntds.dit> <-k HEX-SYS-KEY | -s system.hiv |-r> [-o out.txt] [-h] [-m] [-p] [-u]
-d path of ntds.dit database
-k use specified SYSKEY
-s parse SYSKEY from specified system.hiv
-r read SYSKEY from registry
-o write output into
-h dump hash histories(if available)
-p dump description and path of home directory
-m dump machine accounts
-u USE UPPER-CASE-HEX
### Example:
ntdsdumpex.exe -r
ntdsdumpex.exe -d ntds.dit -o hash.txt -s system.hiv
### Reference Source
`ntds.h`,`ntds.cpp`,`attributes.h` from [ntds_decode](https://github.com/mubix/ntds_decode) (some changed).
`ntreg.c`,`ntreg.h` from search,fix some compatibility on windows,and remove the debug outputs.
### License
GPL