Windows and Linux Authentication Bypass with AIM
- Published 9 Jun 2024
- This video is not sponsored by Arsenal Recon. Arsenal Image Mounter 3.9 is out and has a lot of new features. You need to check out three features: Windows authentication bypass with Data Protection API (DPAPI) bypass, Linux authentication bypass, and Virtual DD. This video shows how to quickly and easily access a virtualized suspect disk!
Thank you to our Members and Patrons, but especially to TheRantingGeek, Roman, Alexis Brignoni, Lorie Hermesdorf, Steven Lorenz, and OkiePioneerWoman! Thank you so much!
00:00 Arsenal Image Mounter 3.9
00:08 Linux Authentication Bypass
01:53 Windows Authentication Bypass
03:51 Virtual DD
bit.ly/2Ij9Ojc - 👍 Subscribe for weekly videos
❤️ Get early access and bonus content - bit.ly/DFIRSciMember
Links:
* AIM 3.9 Release (arsenalrecon.com/insights/qui...)
* Arsenal Image Mounter Download (arsenalrecon.com/downloads)
* Install Hyper-V on Windows Home (gist.github.com/jijames/5db5f...)
* Strings for Windows (docs.microsoft.com/en-us/sysi...)
Related book:
* Pro Microsoft Hyper-V 2019 (amzn.to/3S6w7gO)
#forensics #dfir #authentication #hacking
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please link back to the original video. If you want to use this video for commercial purposes, please contact us first. We would love to see what you are doing. - Science and Technology
Cool♥️. How to create these images?
Here is the Linux Image: cfreds.nist.gov/all/MagnetForensics/2022LunixMagnetCTF
Here is the Windows Image: digitalcorpora.org/corpora/scenarios/2018-lone-wolf-scenario/
Start by checking out FTK Imager, he also has some videos on how to use it and to create E01 files.
To me you are Go Go Gadget inspector. Nice and clear explanation as always, thank you.
Thanks a lot!
Wow! This is so cool! Thanks for sharing. I prefer creating dd images but sometimes they request E01. This is very useful.
Yeah, I was REALLY happy to see Virtual DD. 😅
Do you know where I can find the lone wolf image? I would like to test it and I need an image for test purposes.
Impressive! I'm assuming this only applies to unencrypted drives? How does it handle LUKS or BitLocker drives?
I don't think they have support for LUKS yet, but they have very good support for BitLocker. You do have to have the recovery key or user password though. Always try to get a copy of RAM.
Without having the password or logging into the victim's PC, how can we make an image of that PC?
The "launch VM" is greyed out for me. Does this function only work if you go for the licensed version?
Yes. Free/Pro version differences can be found here. Looks like VM booting is on licensed. Also, do you have Hyper-V enabled?
arsenalrecon.com/arsenal-image-mounter-aim-walkthrough
@DFIRScience Alright, I see! I'm running on the free version, that's why then. Thanks for your reply.