An Ontology for Digital Forensics in IT Security Incidents - OPUS
4.3. FORENSIC TOOLS

4.3.4 bkhive + samdump2

The two tools bkhive [Tissieres and Oechslin, 2013] and samdump2 [Tissieres and Oechslin, 2013] are used to extract information about the user. The output of bkhive is given to samdump2 and the result is shown in listing 4.8.

Administrator:500:6a98eb0fb88a449cbe6fabfd825bca61:a4141712f19e9dd5adf16919bb38a95c:::
Gast:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Hilfeassistent:1000:50a75aa3555c00d0ba0322f551cc115a:afacea076c4a025a3022c614793f9e46:::
SUPPORT_388945a0:1002:aad3b435b51404eeaad3b435b51404ee:a484598dba956d06f2a8fc23c14d2c92:::
Benutzer1:1003:d7246e4feea4219d179b4d5d6690bdf3:9068eeaf33cffd1d86ac515e518588a0:::

Listing 4.8: Sample output of samdump2
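
Each record in listing 4.8 has the layout name:RID:LM hash:NT hash:::. The Python code below is an added example, not part of the original text or of bkhive/samdump2; it parses those records and flags what an examiner would note first: well-known RIDs, the NT hash of the empty password, and accounts for which an LM hash is stored. The function names and finding labels are assumptions made for this illustration.

```python
import re
from typing import NamedTuple

# Well-known constants: the hash of the empty password in each scheme.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
WELL_KNOWN_RIDS = {500: "built-in Administrator", 501: "built-in Guest"}
HEX32 = re.compile(r"[0-9a-f]{32}")

# The five records of listing 4.8.
LISTING_4_8 = """\
Administrator:500:6a98eb0fb88a449cbe6fabfd825bca61:a4141712f19e9dd5adf16919bb38a95c:::
Gast:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Hilfeassistent:1000:50a75aa3555c00d0ba0322f551cc115a:afacea076c4a025a3022c614793f9e46:::
SUPPORT_388945a0:1002:aad3b435b51404eeaad3b435b51404ee:a484598dba956d06f2a8fc23c14d2c92:::
Benutzer1:1003:d7246e4feea4219d179b4d5d6690bdf3:9068eeaf33cffd1d86ac515e518588a0:::
"""

class Account(NamedTuple):
    name: str
    rid: int
    lm: str
    nt: str
    findings: tuple  # finding labels are assumptions of this example

def parse_record(line):
    """Parse one 'name:rid:lm:nt:::' line; raise ValueError if malformed."""
    parts = line.strip().split(":")
    if len(parts) != 7 or any(parts[4:]):
        raise ValueError(f"unexpected field layout: {line!r}")
    name, rid, lm, nt = parts[0], parts[1], parts[2].lower(), parts[3].lower()
    if not (name and rid.isdigit() and HEX32.fullmatch(lm) and HEX32.fullmatch(nt)):
        raise ValueError(f"bad RID or hash field: {line!r}")
    findings = []
    if int(rid) in WELL_KNOWN_RIDS:
        findings.append(WELL_KNOWN_RIDS[int(rid)])
    if nt == EMPTY_NT:
        findings.append("empty password")
    if lm != EMPTY_LM:  # EMPTY_LM also appears when no LM hash is stored
        findings.append("LM hash stored")
    return Account(name, int(rid), lm, nt, tuple(findings))

def triage(text):
    """Return (accounts, rejected_lines) for a block of samdump2 output."""
    accounts, rejected = [], []
    for line in filter(str.strip, text.splitlines()):
        try:
            accounts.append(parse_record(line))
        except ValueError:
            rejected.append(line)  # keep damaged lines for manual review
    return accounts, rejected
```

Calling triage(LISTING_4_8) returns the five accounts and an empty list of rejected lines; records that do not match the layout are returned separately instead of being silently dropped.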