Printable View
As we all know the passwords for a windows account is stored in the SAM file. So for some one who is trying to crack the login passwords, this becomes a very tepting file to "snatch". However, is it posible to move the SAM file. I mean there has got to be some where in the Windows Login authentication program that tells where to compaire the generated hash. If we moved the SAM file, we could then place a fake SAM in its place. Like a Honey pot. Anyone knwo if this is posible?
~PCLLWTFDTM
http://www.antionline.com/showthread...&highlight=SAM
Amazing what you can find when you use 'search', wot?
AFIAK, it is not possible to move the sam file.
Maybe if you hackup the dll files that point to it?
But then you have to worry about the CRC check?
msgina.dll?
Kinda out of my league... just throwing out some thoughts.
Thank you, however, perhaps im not making my self clear, The replacement of the SAM would be done by the owner of the machine SO that, any potential SAM crackers out there would grab a dummy file. The link you provided wasnt quite what i was looking for.
phishphreek80, hey thanks for the suggestion, even if you're just throwing out ideas, its apreciated.