From: Jerome Athias (jerome.athias@free.fr)
Date: Wed Sep 27 2006 - 14:52:36 EDT
Hari Sekhon a écrit :
> Hi,
> I've found cachedump to be reliable in the past, lsadump caused some
> crashing problems for me at the time so I didn't use it.
>
> Could somebody tell me how to go about retrieving the hashes from the
> offline sam file. Is there a way? And if so what form do the hashes
> come in, DES?
>
>
> Thanks
>
> -h
>
> --
> Hari Sekhon
"You need both SYSTEM and SAM files from system32\config. SYSTEM
contains the key, called syskey used to "decrypt" the hashes in the SAM
file. Put both files in a directory and then use ophcrack "Load from
encrypted SAM" command to recover the hashes."
http://sourceforge.net/projects/ophcrack
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:02 EDT