blackenergy89 / keimpx

Automatically exported from code.google.com/p/keimpx

hashdump option #15

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Add the 'hashdump' option to save a copy of the Windows registry hives 
for SAM, SECURITY, and SYSTEM if possible, then call 
[http://code.google.com/p/creddump/ creddump] to dump the LANMAN/NTLM 
hashes, view cached credentials, and decrypt LSA secrets.

Original issue reported on code.google.com by bernardo.damele on 10 Feb 2010 at 11:13

GoogleCodeExporter commented 8 years ago
[deleted comment]

GoogleCodeExporter commented 8 years ago
These registry hives are not readable remotely by any means. The solution here 
is to upload gsecdump.exe and dump them by injecting code into LSASS, or 
pwdump7.exe to dump them from the registry.

Original comment by bernardo.damele on 22 Jan 2012 at 12:20