is a password recovery
program for cracking lost Windows NT
hashed passwords. It can crack
passwords at 10 million passwords
on a good computer
. This is the result of core parts written in assembly language
. It also has multi language support and it's translated into five languages.
This program is the first program that started to work with passwords encrypted with syskey
, it supports about 10
types of importing, 4
types of exporting hashes
and (currently) 6
types of password attack:
Here are some key features of "SAMInside":
- "Import from SAM and SYSTEM registry files" - import hashes from SAM Windows registry file. If there's additional encryption by SYSKEY in the imported SAM file (it's on default enabled in Windows 2000/XP/2003), then the program will also need SYSTEM Windows registry file located at the same Windows directory there SAM file is - in the folder %SystemRoot%System32Config. Copies of these files may be also found in %SystemRoot%Repair and %SystemRoot%RepairRegBack folders. (Note: %SystemRoot% - is a system directory of OS Windows, usually folder C:WINDOWS or C:WINNT).
- "Import from SAM registry file and file with system key" - import encrypted passwords from SAM Windows registry file using file with system key SYSKEY.
- "Import from PWDUMP file" - import hashes from text file of PWDUMP program format. You can find test files with such hashes in the SAMInside program archive.
- "Import from *.LC file" - import hashes from files created by L0phtCrack program.
- "Import from *.LCP file" - import hashes from files created by LCP4/LCP5 programs.
- "Import from *.LCS file" - import hashes from files created by LC4/LC5 programs.
- "Import from *.HDT file" - import hashes from projects created by Proactive Windows Security Explorer program.
- "Import from *.LST file" - import hashes from the LMNT.LST file, created by Cain&Abel program.
- "Import from local machine ..." - import encoded passwords from the local machine (to do that launch the program with *Administrator user's rights). The program uses the following methods to get local hashes:
- " ... using LSASS" - import local hashes using connection to LSASS process.
- " ... using Scheduler" - import local hashes using system utility Scheduler