I read that MS passwords are stored in a file called SAM, and that with a live disk you can open that file in gedit, nano or whatever and delete user passwords without causing a mess of things. I have yet to try it, but I am searching for the SAM file as I type.
Five minutes later: Well there are several SAM files, and only SAM (text version) could be opened. They are located under windows/system32 and windows/opt/system32. On Fri, Mar 12, 2010 at 3:37 PM, Robert Citek <[email protected]>wrote: > More technical details: > > > http://www.h-online.com/security/news/item/Password-cracker-100-times-faster-with-an-SSD-950184.html > > Apparently, at issue is the LM Hash algorithm that XP uses to store > passwords: > > http://en.wikipedia.org/wiki/Password_cracking#Weak_encryption > http://en.wikipedia.org/wiki/LM_hash > > The other issue is that whomever is doing the cracking needs the hash > table of XP passwords, the equivalent of /etc/shadow on Linux systems. > I don't know where passwords are stored on XP (in the registry?), but > if the bad guys have the hash table aren't they already in your > system? > > Regards, > - Robert > > On Fri, Mar 12, 2010 at 2:37 PM, Theresa Kehoe <[email protected]> wrote: > > "... was able to crack 14-digit WinXP passwords with special characters > > in just 5.3 seconds." > > > > Dang! > > > > (here's the link) > > > > http://www.theregister.co.uk/2010/03/12/password_cracking_on_crack/ > > > > Theresa > > -- > Central West End Linux Users Group (via Google Groups) > Main page: http://www.cwelug.org > To post: [email protected] > To subscribe: [email protected] > To unsubscribe: [email protected] > More options: http://groups.google.com/group/cwelug > -- Central West End Linux Users Group (via Google Groups) Main page: http://www.cwelug.org To post: [email protected] To subscribe: [email protected] To unsubscribe: [email protected] More options: http://groups.google.com/group/cwelug
