windows NT uses the SAM to store and retrieve user credentials such as passwords. SAM: The security accounts manager. Because the SAM stores its information in the SAM database, you can assume that NT is only as secure as its SAM data. The SAM file is located at %systemroot%\system32\config directory. Although the \config directory contains a working version of the SAM database so programs such as Windows Explorer can't directly access the database for copying while the system is running.
For gaining the access to this SAM file, boot the system from an alternative OS or any live OS. Now you can copy this SAM file to any other location.
There is also a backup of SAM file in the location %systemroot%\repair
Password is stored in encrypted form in the SAM called hashes. Use any password cracking software like LOphtcrack to know the password of the system from these hashes.
to know more about SAM file visit Microsoft official website.
0 comments:
Speak up your mind
Tell us what you're thinking... !