From: Andy Brown <a.brown@nexor.co.uk>
To: cypherpunks@toad.com
Message Hash: b535cf6bab7526750f9b7482ce9e328bfad019f3558f683ff9ede5dc912a99eb
Message ID: <30CD5E4C.56A@nexor.co.uk>
Reply To: <2.2b7.32.19951211214329.002cc3a8@netcom4.netcom.com>
UTC Datetime: 1995-12-12 10:48:33 UTC
Raw Date: Tue, 12 Dec 95 02:48:33 PST
From: Andy Brown <a.brown@nexor.co.uk>
Date: Tue, 12 Dec 95 02:48:33 PST
To: cypherpunks@toad.com
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker...)
In-Reply-To: <2.2b7.32.19951211214329.002cc3a8@netcom4.netcom.com>
Message-ID: <30CD5E4C.56A@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain
Ted Cabeen wrote:
> I took a quick look in my NT registry and you can get access to the Account
> Manager section of the registry by manually changing the permissions and
> giving yourself access. I didn't have the time to look at all of the
> entries in the registry, but there's a lot of stuff there and I wouldn't be
> suprised if the encryted passwords were available. Of course, you have to
> be an administrator to change the permissions, but it is possible.
The encrypted passwords are in the "SECURITY" section, which the OS will not
let you change the permissions to. Most user account information is available
under NT via the NetUser... API functions, the passwords are not. You probably
came across the settings for the Security Account Manager, not the data that it
looks after.
Regards,
- Andy
Return to December 1995
Return to “Ted Cabeen <cabeen@netcom.com>”