Re: Format of SAM File

[Marc Ouwerkerk <olderchurch () gmail com>]

Hi Miguel,

This is what is in the hash:
<username>:<userid>:<LM Hash>:<NTLM Hash>:<Gecos>:<home dir>:?

I don't know what is supposed to be in the last one.

Hope this helps.

Cheers,

Marc

On Thu, Jul 9, 2009 at 9:40 PM, Hernandez IV, Miguel<miguelher () utep edu> wrote:
> All,
>
> Looking for a reference that describes the format of the windows SAM
> file.  From what I can tell, the first column is the username and third
> column is the password hash, but I want to know what information is
> contained in the other columns.  Google searches on "format windows SAM
> file", "understand windows SAM file", and other related searches have
> proved frustrating.  I should mention that the SAM file was obtained
> using pwdump6 in case that is relevant.  The format I am seeing is as
> follows:
>
> Username:number:password hash:another hash?:blank:blank:blank
>
> Any help is much appreciated.
>
> Miguel
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------