Cracking windows NT/2000 passwords using SAM file

Monday, August 15, 2011

windows NT uses the SAM to store and retrieve user credentials such as passwords. SAM: The security accounts manager. Because the SAM stores its information in the SAM database, you can assume that NT is only as secure as its SAM data.  The SAM file is located at %systemroot%\system32\config directory. Although the \config directory contains a working version of the SAM database so programs such as Windows Explorer can't directly access the database for copying while the system is running.

For gaining the access to this SAM file, boot the system from an alternative OS or any live OS. Now you can copy this SAM file to any other location.

There is also a backup of SAM file in the location %systemroot%\repair

Password is stored in encrypted form in the SAM called hashes. Use any password cracking software like LOphtcrack to know the password of the system from these hashes.

to know more about SAM file visit Microsoft official website.
Share this article :

0 comments:

Speak up your mind

Tell us what you're thinking... !

 
Support : Creating Website
Copyright © 2012. Your Unofficial Guide - All Rights Reserved
Proudly powered by Blogger