Vulnerability Development: Re: SAM encrypted with syskey

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: SAM encrypted with syskey

From: Vladimir Katalov <vkatalov () elcomsoft com>
Date: 17 Feb 2005 08:36:00 -0000

In-Reply-To: <F36BC027FD4D7E4FB9EA59EFAF86BAAD11AEE4 () mex0010mf01 na xerox net>

Does any one knows a method to retrieve the password for the SAM
(NT/W2K) that has been encripted with syskey? Or bypass the system
startup password?


Proactive Windows Security Explorer allows that:

http://www.elcomsoft.com/pwsex.html

It is able to dump password hashes from SAM and SYSTEM files (created in any system from Windows NT4 to Windows Server 
2003).

Next version will be also able to get password hashes directly from Active Directory database (ntds.dit).

-- 
Sincerely yours,
  Vladimir

Vladimir Katalov
Managing Director
ElcomSoft Co.Ltd.
Member of Association of Shareware Professionals (ASP)
Member of Russian Cryptology Association
mailto:vkatalov () elcomsoft com
http://www.elcomsoft.com (Corporate site)
http://www.crackpassword.com (Password Recovery Software)

By Date By Thread

Current thread:

RE: SAM encrypted with syskey, (continued)
- RE: SAM encrypted with syskey Johnson, Joey (Feb 10)
  - Re: SAM encrypted with syskey Brendan Dolan-Gavitt (Feb 11)
    - Re: SAM encrypted with syskey Michel Arboi (Feb 13)
- RE: SAM encrypted with syskey Anzaldo, Oscar (Feb 10)
- SAM encrypted with syskey Anzaldo, Oscar (Feb 10)
- Re: SAM encrypted with syskey Vladimir Katalov (Feb 17)