Home page logo

pen-test logo Penetration Testing mailing list archives

Re: cracking Y2k DC Admin password
From: Jerome Athias <jerome.athias () free fr>
Date: Wed, 27 Sep 2006 20:52:36 +0200

Hari Sekhon a écrit :
I've found cachedump to be reliable in the past, lsadump caused some crashing problems for me at the time so I didn't use it.

Could somebody tell me how to go about retrieving the hashes from the offline sam file. Is there a way? And if so what form do the hashes come in, DES?



Hari Sekhon
"You need both SYSTEM and SAM files from system32\config. SYSTEM contains the key, called syskey used to "decrypt" the hashes in the SAM file. Put both files in a directory and then use ophcrack "Load from encrypted SAM" command to recover the hashes."


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]