Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 17 May 2006 21:10:17 +0400
From: Solar Designer <>
Subject: obtaining password hashes off Windows systems

> santosh choudhary wrote:
> > can you tell whitch are the password files of windows xp,please?
> > thank you.

On Wed, May 17, 2006 at 06:24:03PM +0400, xnix wrote:
> system32/config/sam
> system32/config/system

I'm afraid that this answer is of little help since John the Ripper does
not process those files directly.  Instead, one of the pwdump tools
should be used to dump the password hashes in a format directly usable
with John:

Most of the time, pwdump2 will be sufficient.

A more extensive collection of pwdump-like and related tools is
available in this FTP directory:

Alexander Peslyak <solar at>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598 - bringing security into open computing environments

Was I helpful?  Please give your feedback here:

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.