mailing list archives
Re: Where are Windows "Enforce password history" passwords stored?
From: totiebash () cox net
Date: 31 Aug 2005 05:53:50 -0000
yes, it is stored in HKEY_LOCAL_MACHINE\SECURITY, you need to be running as SYSTEM to be able to view it using REGEDIT.
You can use the tool "Cachedump"(http://www.cr0.net:8040/misc/cachedump.html) to dump the hashes and use the tool
"cachebf" from www.toolcrypt.org to brute force the hash or better yet, you can use my favorite tool "cain and abel"
from www.oxid.it to extract and brute force the encrypted hashes. Alternatively, you can also use John the Ripper to
brute force the hash but you have to install the patch. There you go I gave you all the tools you need so good luck
- RE: Where are Windows "Enforce password history" passwords stored?, (continued)