|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: David Howe (DaveHowe.Pentest
googlemail.com)
Date: Fri Jul 10 2009 - 05:56:41 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
David Howe wrote:
> Hernandez IV, Miguel wrote:
>> All,
>>
>> Looking for a reference that describes the format of the windows SAM
>> file. From what I can tell, the first column is the username and third
>> column is the password hash, but I want to know what information is
>> contained in the other columns. Google searches on "format windows SAM
>> file", "understand windows SAM file", and other related searches have
>> proved frustrating. I should mention that the SAM file was obtained
>> using pwdump6 in case that is relevant. The format I am seeing is as
>> follows:
>>
>> Username:number:password hash:another hash?:blank:blank:blank
>
> That looks right for pwdump.
>
> the two hashes are from the LM (first 8 chars of password, in upper
> case) and NT (full password, case sensitive) spaces respectively
just checked the docs, actual format is:
UserName:RID:LMhash:NThash:FullName,Description:HomeDirectory
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]