Jump to content

login Question


Noonmid27

Recommended Posts

Hi guysI wanted to know which file is check at login when i enter my username and password upon login. Actually a better way to put this is which file is used for the username and login. obviously it's a system file but if somebody can point me in the right direction that would be perfect.

Link to comment
Share on other sites

It's the Windows\System32\config\SAM file.
Is there anyway to read this file........or see the contents of this file. Thx for providing the path by the way always appreciated.
Link to comment
Share on other sites

Since the SAM file is an encrypted hash table you can't easily read it. Symantec sells an app called @stake LC4 that can be used to brute force crack the SAM file after it's been dumped into a text file. From what I gather though LC4 may not be able to decrypt the Vista/Windows 7 SAM. If all you want to do is reset a Windows password then Peter Nordahl's Offline NT Password and Registry Editor is your safest bet. Or if you have time to kill then you could try the ophcrack live-cd. Cracking the SAM file can take awhile if the passwords are strong. Simple ones are usually broken with a basic dictionary or brute force attack. If none of these work you may have to buy yourself a set of rainbow tables to assist you. Or if you have even more time to kill and spare CPU power, generate your own rainbow tables.

Link to comment
Share on other sites

Since the SAM file is an encrypted hash table you can't easily read it. Symantec sells an app called @stake LC4 that can be used to brute force crack the SAM file after it's been dumped into a text file. From what I gather though LC4 may not be able to decrypt the Vista/Windows 7 SAM. If all you want to do is reset a Windows password then Peter Nordahl's Offline NT Password and Registry Editor is your safest bet. Or if you have time to kill then you could try the ophcrack live-cd. Cracking the SAM file can take awhile if the passwords are strong. Simple ones are usually broken with a basic dictionary or brute force attack. If none of these work you may have to buy yourself a set of rainbow tables to assist you. Or if you have even more time to kill and spare CPU power, generate your own rainbow tables.
Just to trying to get a picture of what i would be working with if i decided to crack a password. Would it be safe to say a Password hash is like a complex crossword puzzle......that have the password hidden inside a random set of bits........just want to make sure i get the right picture in my mind just in case one day i decided to tackle such a task.
Link to comment
Share on other sites

Yipes, Noonmid27. You certainly have developed quite an interest in passwords of late (XP credential File, Lost Password, password question). You aren't getting into mischief are you? :( :thumbsup:
Well yeah........i just want a better understanding. I guess encryption is more the like the sending packets are encrypted........then the key is like say 128bit or higher and any one of those 128bit combination is the right key to unlock the packets. wow my mind feeling like it could go in over-drive trying to comprehend something like that.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...