Become an AceSign inSign up
zcgonvh/ NTDSDumpEx (v0.3) about 3 years ago
C C++
View on GitHub
Need help with NTDSDumpEx?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

zcgonvh
134 Stars 64 Forks GNU General Public License v2.0 5 Commits 0 Opened issues

Description

NTDS.dit offline dumper with non-elevated

Services available

!
?

Need anything else?

Contributors list

zcgonvh zcgonvh
# 179,363
C#
Ruby
 5 commits

NTDSDumpEx

NTDS.dit offline dumper with non-elevated

Usage

ntdsdumpex.exe   [-o out.txt] [-h] [-m] [-p] [-u]
-d    path of ntds.dit database
-k    use specified SYSKEY
-s    parse SYSKEY from specified system.hiv
-r    read SYSKEY from registry
-o    write output into
-h    dump hash histories(if available)
-p    dump description and path of home directory
-m    dump machine accounts
-u    USE UPPER-CASE-HEX

Example:

ntdsdumpex.exe -r
ntdsdumpex.exe -d ntds.dit -o hash.txt -s system.hiv

Reference Source

ntds.h
,
ntds.cpp
,
attributes.h
from ntds_decode (some changed). 

ntreg.c
,
ntreg.h
from search,fix some compatibility on windows,and remove the debug outputs.

License

GPL

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.