Vulnerability Development mailing list archives

Re: SAM encrypted with syskey

From: Vladimir Katalov <vkatalov () elcomsoft com>
Date: 17 Feb 2005 08:36:00 -0000

In-Reply-To: <F36BC027FD4D7E4FB9EA59EFAF86BAAD11AEE4 () mex0010mf01 na xerox net>

Does any one knows a method to retrieve the password for the SAM
(NT/W2K) that has been encripted with syskey? Or bypass the system
startup password?


Proactive Windows Security Explorer allows that:

http://www.elcomsoft.com/pwsex.html

It is able to dump password hashes from SAM and SYSTEM files (created in any system from Windows NT4 to Windows Server 
2003).

Next version will be also able to get password hashes directly from Active Directory database (ntds.dit).

-- 
Sincerely yours,
  Vladimir

Vladimir Katalov
Managing Director
ElcomSoft Co.Ltd.
Member of Association of Shareware Professionals (ASP)
Member of Russian Cryptology Association
mailto:vkatalov () elcomsoft com
http://www.elcomsoft.com (Corporate site)
http://www.crackpassword.com (Password Recovery Software)

Current thread:

RE: SAM encrypted with syskey DePriest, Jason R. (Feb 10)
- <Possible follow-ups>
- RE: SAM encrypted with syskey Johnson, Joey (Feb 10)
  - Re: SAM encrypted with syskey Brendan Dolan-Gavitt (Feb 11)
    - Re: SAM encrypted with syskey Michel Arboi (Feb 13)
- RE: SAM encrypted with syskey Anzaldo, Oscar (Feb 10)
- SAM encrypted with syskey Anzaldo, Oscar (Feb 10)
- Re: SAM encrypted with syskey Vladimir Katalov (Feb 17)