LinkBack URL
About LinkBacksIs thre a file where password information is kept in windows XP? If so what is it's name and where is it located?
Banned
Is thre a file where password information is kept in windows XP? If so what is it's name and where is it located?
x10 Sophmore
I'm not sure where Windows stores its PWL files, but I'm almost positive it doesn't matter anyways since a quick Google search shows they're encrypted.
All records along with user name and checksum are encrypted with strong cipher algorithm RC4.
x10 Sophmore
depends on which ones your looking for ;)
x10 Spammer
Re: Where Does Windows Xp Store Its Passwords ?
Why you want it?
[LEFT][B]Sunil Sankar
-------------------------------------------------------------------------
x10 Lieutenant
supajason was here
x10Hosting Member
I am not sure why you need this info but anyways, I hope this will give you an idea where to start. Where to look;
%systemroot%\system32\config\SAM
%systemroot%\system32\config\SYSTEM
You should know however that the files you are interested in are not directly readable. The last time I was interested in this area, xp was using a destructive algorithm MD4 to create a hash of the passwords before storing them.
There are a number of tools available on the web that can help you with that...but your post wasnt about that was it? So, Ill leave it at that.
Good luck!!
Banned
Thanks So Much Guys. this a home work for my school. now I know more About Windows.
x10 Spammer
Man nice way to do the homework.Originally Posted by jenderalmabuk
[LEFT][B]Sunil Sankar
-------------------------------------------------------------------------
Lord Of The Keys
Is that the User passwords that are stored there or passwords for other things?
Thanks,
Dan
_______________
Retired Staff
x10Hosting Member
well the SAM file has the LM and NT hashes of the passwords and then can be cracked
the local security authority subsystem service AKA LSASS.EXE is the handler of passwords for accounts *very insecure*
Protected Storage is also manged by LSASS.EXE it is a storage for password and usernames the KDE ver would be known as KWallet
In Protected Storage you can find outlook passwords, stored Internet explorer passwords, dial-up paswords , and most "auto fill" things
The data can be accessed by DLL injection or running a process as the SYSTEM account ( the SYSTEM account is fun to play with )
Many programs use it as a POC such programs as Cain and Abel
Last edited by animerth; 02-12-2008 at 08:53 PM.
Posting Permissions
