Results 1 to 8 of 8

Thread: Windows SAM file

  1. #1
    Member
    Join Date
    Oct 2002
    Posts
    52

    Windows SAM file

    Is it possible for someone to copy the SAM file (i know that is possible), then to insert a username and hashed password into the file then to copy it back? I'm sure it can be done if syskey is not used, but how about if it is being used? I would think that it would be possible becuase if they can decrypt it, why couldnt someone encrypt it. Is there a program out that will do this?

    I know i havent posted much, but this is for educational purposes only.

  2. #2
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    I believe the hashes are in the registry as well but I dont think its possible to add users only change them as of now

  3. #3
    Senior Member
    Join Date
    Dec 2007
    Posts
    132
    for what purpose? if u can access the sam and dump passwords then u should be able to simply net user blah password /add and windows encrypts the password, so then you can dump the sam and get that value instead of trying to find a program that's gonna do it for you, plus it writes it to the sam so you don't need to inject it urself. ur question seems confusing, maybe if u gave us a scenario it would help...

  4. #4
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Maybe he wants to secretly add a user :-P

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Posts
    137
    try Offline NT Password & Registry Editor ( http://home.eunet.no/~pnordahl/ntpasswd). It features everything u asked for. Hope it helps
    Life is a shipwreck but we must not forget to sing in the lifeboats. ~Voltaire

  6. #6
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    xiphias360: Your sig made me wiki BOFH. Honestly the first time I have heard the term Thanks for some interesting reading ... found it quite amusing.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  7. #7
    Quote Originally Posted by Wikipedia
    In 2006 the UKUUG commissioned a song

  8. #8
    Senior Member
    Join Date
    Dec 2007
    Posts
    132
    @Cider: lol, yeah I just downloaded bofh-excuses for fortune and added them to the random fortunes that pop up with my bash shells, some really good stuff in there. If only I had this when I was a helpdesk tech way back when...

Similar Threads

  1. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  2. suse is crap on finding cdrom
    By rajunpl in forum Operating Systems
    Replies: 43
    Last Post: July 1st, 2004, 07:30 AM
  3. 4 steps to making your computer immortal online.
    By ali1 in forum The Security Tutorials Forum
    Replies: 27
    Last Post: January 1st, 2004, 11:59 AM
  4. Windows 2003 Server Vulnerability
    By warl0ck7 in forum Microsoft Security Discussions
    Replies: 7
    Last Post: August 14th, 2003, 12:23 PM
  5. Securing Your Windows PC
    By E5C4P3 in forum The Security Tutorials Forum
    Replies: 10
    Last Post: June 12th, 2002, 04:54 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •