Help using pwdump2
Results 1 to 5 of 5

Thread: Help using pwdump2

  1. #1
    Junior Member
    Join Date
    May 2005
    Posts
    10

    Help using pwdump2

    I did the password dump just as it was instructed, and it made the password file in my root folder, but when I go and look in it, it says,

    Pwdump2 - dump the SAM database.
    Usage: pwdump2.exe <pid of lsass.exe>

    and thats it.
    If someone could tell me the issue that'd be great. I just set up my cluster and I wanted to try to practice on some of my passwords, I have full admin rights so thats not it. No idea whats up.
    Share on Google+

  2. #2
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Sorry, I deleted my post above by accident.

    ElDesperado : Slow down. READ THE INSTRUCTIONS AGAIN. You are making a silly mistake. Sleep on it. Try again tomorrow.

    I don't mean to be a pain in the ass, and I am not a know-it-all, but you have to help yourself before you jump to asking silly questions that are answered easily by reading what is in front of you.
    .
    Share on Google+

  3. #3
    Junior Member
    Join Date
    May 2005
    Posts
    10
    Well, in the readme it doesn't give instructions, I downloaded it from reading this thread,

    http://www.antionline.com/showthread...ght=Clustering

    And the only thing he says to do is

    2. First download Pwdump2 from here (an application used to dump Windows 2000/XP SAM file)
    3. at the command line, type pwdump2 > c:\passwd . This will create a copy of your password file called passwd on the root of your c:\ drive.
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    872
    If I recall correctly, to use pwdump2 you do something along the lines of the following (after taking both pwdump2.exe and all the DLLs files and putting them together in the same directory):
    Code:
    [C:\pwdump2] pwdump2
    This will write the contents of the SAM to the console. To save to a file so you can reread/use it for later:
    Code:
    [C:\pwdump2] pwdump2 > passwd.txt
    If you want to find the pid of lsass.exe, just use the Task Manager to find the process id, and then put that number after pwdump2. Lets say our pid was 1234:
    Code:
    [C:\pwdump2] pwdump2 1234
    ...This Space For Rent.

    -[WebCarnage]
    Share on Google+

  5. #5
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    I believe the OP was making a syntax error in his command : pwdump2 [whatever error] > c:\passwd. Instead of writing the hashes to c:\passwd he was writing the usage. The newest version of pwdump2 finds the pid automatically.

    Answer : read carefully.
    .
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •