Search and Dump Passwords from Memory using Memory DD

It's a common misconception among application developers that program memory is "safe" and anything stored in clear text in memory cannot really be hacked. Unfortunately, nothing could be further away from the truth. In this video created by John Strand from PaulDotCom we see how simple it is to identify and dump passwords from computer memory. However, in most cases one would need administrative privileges to be able to dump memory. But once a hacker has that he could very easily crack other passwords used on the system simply with a memory dump. This video uses the Mantech Memory DD tool for the demo.

SANS has a nice listing of tools which can be used for memory dumping on windows here. Try them out! Happy Memory Hunting :) 

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net