January 15th, 2008, 11:28 PM
Windows SAM file
Is it possible for someone to copy the SAM file (i know that is possible), then to insert a username and hashed password into the file then to copy it back? I'm sure it can be done if syskey is not used, but how about if it is being used? I would think that it would be possible becuase if they can decrypt it, why couldnt someone encrypt it. Is there a program out that will do this?
I know i havent posted much, but this is for educational purposes only.
January 15th, 2008, 11:52 PM
I believe the hashes are in the registry as well but I dont think its possible to add users only change them as of now
January 16th, 2008, 01:02 AM
for what purpose? if u can access the sam and dump passwords then u should be able to simply net user blah password /add and windows encrypts the password, so then you can dump the sam and get that value instead of trying to find a program that's gonna do it for you, plus it writes it to the sam so you don't need to inject it urself. ur question seems confusing, maybe if u gave us a scenario it would help...
January 16th, 2008, 02:32 AM
Maybe he wants to secretly add a user :-P
January 16th, 2008, 02:44 AM
try Offline NT Password & Registry Editor ( http://home.eunet.no/~pnordahl/ntpasswd). It features everything u asked for. Hope it helps
Life is a shipwreck but we must not forget to sing in the lifeboats. ~Voltaire
January 16th, 2008, 01:54 PM
xiphias360: Your sig made me wiki BOFH
. Honestly the first time I have heard the term
Thanks for some interesting reading ... found it quite amusing.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
January 16th, 2008, 04:32 PM
Originally Posted by Wikipedia
January 16th, 2008, 06:10 PM
@Cider: lol, yeah I just downloaded bofh-excuses for fortune and added them to the random fortunes that pop up with my bash shells, some really good stuff in there. If only I had this when I was a helpdesk tech way back when...
By ThePreacher in forum Miscellaneous Security Discussions
Last Post: December 14th, 2006, 09:37 PM
By rajunpl in forum Operating Systems
Last Post: July 1st, 2004, 08:30 AM
By ali1 in forum The Security Tutorials Forum
Last Post: January 1st, 2004, 11:59 AM
By warl0ck7 in forum Microsoft Security Discussions
Last Post: August 14th, 2003, 01:23 PM
By E5C4P3 in forum The Security Tutorials Forum
Last Post: June 12th, 2002, 05:54 PM