Security Basics mailing list archives

RE: Fwd: How does the Cain and Abel SAM dump works?


From: "Eric Snyder" <Eric.S () aefcu com>
Date: Tue, 15 Jul 2008 15:14:25 -0400

Adriel,

How are you checking / cracking longer, 15 character plus, passwords?
The best table I have seen is 14 characters.  Do you have a source for
15+ character tables that use every possible printable character:
commas, spaces, grave accents, etc.?

Thank you.

-Eric.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Adriel Desautels
Sent: Tuesday, July 15, 2008 2:05 PM
To: my.security.lists () gmail com
Cc: Vikas Singhal; security-basics () securityfocus com
Subject: Re: Fwd: How does the Cain and Abel SAM dump works?

Yep, and rainbow tables are your friend.

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45



Rob Thompson wrote:
Vikas Singhal wrote:
Hi Friends,

Nowadays, I am studying the topic of cracking Windows passwords.

There are a lot of tools out there which can dump LM and NTLM hashes
for you. But as far as I know, you can't touch the SAM file when Windows
is running, so how do these tools work?

Is the SAM dumped in memory?

Regards
V


Whenever I've had to do that, I have copied the SAM off the box, while
the machine was running and then done the work offline.

I haven't had to do it a lot, but a few times and it's worked each time.

Hope that this helps.


