SAMInside

SAMInside is a password recovery program for cracking lost Windows NT/2000/XP/2003 users' LM or NTLM hashed passwords. It's cracking speed is amazingly high (10 million passwords per second on a good computer) this is the result of core parts written in assembly language. Program also has multi language support and it's translated into 5 languages.

Features

This program is the first program that started to work with passwords encrypted with syskey, it supports AbOUT 10 types of importing, 4 types of exporting hashes and (currently) 6 types of password attack:

  • Mask attack
  • Dictionary attack
  • Hybrid attack
  • Attack with Rainbow tables

See also

Here are some key features of "SAMInside":

  • "Import from SAM and SYSTEM registry files" - import hashes from SAM Windows registry file. If there's additional encryption by SYSKEY in the imported SAM file (it's on default enabled in Windows 2000/XP/2003), then the program will also need SYSTEM Windows registry file located at the same Windows directory there SAM file is - in the folder %SystemRoot%System32Config. Copies of these files May Be also found in %SystemRoot%Repair and %SystemRoot%RepairRegBack folders. (Note: %SystemRoot% - is a system directory of OS Windows, usually folder C:WINDOWS or C:WINNT).
  • "Import from SAM registry file and file with system key" - import encrypted passwords from SAM Windows registry file using file with system key SYSKEY.
  • "Import from PWDUMP file" - import hashes from text file of PWDUMP program format. You can find test files with such hashes in the SAMInside program archive.
  • "Import from *.LC file" - import hashes from files created by L0phtCrack program.
  • "Import from *.LCP file" - import hashes from files created by LCP4/LCP5 programs.
  • "Import from *.LCS file" - import hashes from files created by LC4/LC5 programs.
  • "Import from *.HDT file" - import hashes from projects created by Proactive Windows Security Explorer program.
  • "Import from *.LST file" - import hashes from the LMNT.LST file, created by Cain&Abel program.
  • "Import from local machine ..." - import encoded passwords from the local machine (to do that launch the program with *Administrator user's rights). The program uses the following methods to get local hashes:
  1. " ... using LSASS" - import local hashes using connection to LSASS process.
  2. " ... using Scheduler" - import local hashes using system utility Scheduler

See Also

Decimalization table attack

A decimalization table attack is a technique that may allow a corrupt insider at a bank to discover...