Tuesday, October 26, 2010

Cracking Windows XP Passwords

http://en.wikibooks.org/wiki/Reverse_Engineering/Cracking_Windows_XP_Passwords


Windows XP passwords are hashed using LM hash and/or NTLM hash. The hashes are stored in c:\windows\system32\config\SAM. The SAM file is encrypted using c:\windows\system32\config\system and is locked while Windows is running. To get the passwords, you need to shut down Windows, decrypt the SAM file, and then crack the hashes. You can also obtain the hashes using other software that does not require you to turn your computer off. If everything goes well, you'll have the passwords in 15 minutes.

The SKCLONE tool allows extracting password hashes in PWDUMP format from the live SAM and importing them into other live systems, including 64-bit systems, which makes it a useful tool for migrating local user accounts to 64-bit Windows. It does, however, require you to run the software as the SYSTEM account, since it will try to reach HKLM\SECURITY\SAM in the registry.
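For the defensive side of the same data, here is an added example (not from the original page) that audits PWDUMP-format lines and reports which accounts still carry an LM hash or a blank password. The function names and the sample lines are constructed for illustration; the two "empty" hash constants are the well-known LM and NT hashes of an empty password.

```python
from dataclasses import dataclass

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty password
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of an empty password
HEX = set("0123456789abcdef")

@dataclass
class Account:
    user: str
    rid: int
    lm: str
    nt: str

def parse_pwdump(line):
    """Parse 'user:rid:lm:nt:::'; return None for blank or malformed lines."""
    parts = line.strip().split(":")
    if len(parts) < 4 or not parts[1].isdigit():
        return None
    lm, nt = parts[2].lower(), parts[3].lower()
    # pwdump-style tools print 'NO PASSWORD***...' when a hash is absent
    lm = EMPTY_LM if lm.startswith("no password") else lm
    nt = EMPTY_NT if nt.startswith("no password") else nt
    if any(len(h) != 32 or not set(h) <= HEX for h in (lm, nt)):
        return None
    return Account(parts[0], int(parts[1]), lm, nt)

def findings(acct):
    out = []
    if acct.lm == EMPTY_LM and acct.nt == EMPTY_NT:
        out.append("blank password")
    if acct.lm != EMPTY_LM:
        out.append("LM hash stored")
        # LM hashes each 7-character half separately; an empty second half
        # means the whole password fits in the first half.
        if acct.lm[16:] == EMPTY_LM[:16]:
            out.append("password is 7 characters or fewer")
    return out

def audit(text):
    accounts = (parse_pwdump(line) for line in text.splitlines())
    return {a.user: findings(a) for a in accounts if a}

# Constructed sample input; the non-empty hash values are made up.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
Guest:501:NO PASSWORD*********************:NO PASSWORD*********************:::
alice:1003:1122334455667788aad3b435b51404ee:89abcdef0123456789abcdef01234567:::
bob:1004:0f1e2d3c4b5a69788796a5b4c3d2e1f0:fedcba9876543210fedcba9876543210:::
not a pwdump line
"""
```

Any account reported with "LM hash stored" shows that LM hash storage has not been disabled on that system (the NoLMHash policy) or that the password predates the change.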
