At the company I worked for previously we frequently used a firewire DMA attack such as inception (http://www.breaknenter.org/projects/inception/) to gain access to computers, and dump ram to recover other passwords.
I'm familiar with DMA attacks, but it's always shocking to see publicly available GPL code that just works against popular and recent versions of windows, OS X and linux. UEFI Secure Boot is no help if you signed a 1394 driver : )
Everyone should read the mitigation steps and caveats as appropriate.
If you have physical access to an unlocked windows machine, i'd reach for mimikatz. Instant plaintext.
Everyone should read the mitigation steps and caveats as appropriate.
If you have physical access to an unlocked windows machine, i'd reach for mimikatz. Instant plaintext.