Penetration Testing mailing list archives

AW: Where are Windows "Enforce password history" passwords stored ?

From: Marc.Werner () t-systems com
Date: Tue, 30 Aug 2005 07:06:27 +0200

The cached passwords can be found and cracked by Cain. Downloadable from http://www.oxid.it/cain.html

Cheers marc

-----Ursprüngliche Nachricht-----
Von: Charles Gillman [mailto:charles.gillman () gmail com] 
Gesendet: Montag, 29. August 2005 03:14
An: pen-test () securityfocus com
Betreff: Where are Windows "Enforce password history" passwords stored?

Can anyone tell me where the "remembered" passwords are stored when
the "Enforce password history" is set in Group Policy?

If this setting is set to its maximum value of 24 then I would expect
24 password hashes are stored for each account for the setting to
work.  But where?

More importantly are there any tools/techniques for accessing the
"remembered" passwords?

Thanks
CG

Current thread:

AW: Where are Windows "Enforce password history" passwords stored ? Marc . Werner (Aug 30)