- Pwdump
pwdump is the name of various Windows programs that output the LM and
NTLM password hashes of local user accounts from theSecurity Account Manager (SAM). In order to work, it must be run under an Administrator account, or be able to access an Administrator account on the computer where the hashes are to be dumped; so pwdump does not compromise security. Most of these programs areopen-source .# [http://us4.samba.org/samba/ftp/pwdump/ pwdump] - original program by
Jeremy Allison (public domain)
# [http://www.securiteam.com/tools/5ZQ0G000FU.html pwdump2] - by Todd Sabin of Bindview (GPL), uses DLL injection
#pwdump3 - by Phil Staubs (GPL), works over the network
#*pwdump3e - by Phil Staubs (GPL), sends encrypted over network
#pwdump4 - by bingle (GPL), improvement on pwdump3 and pwdump2
#pwdump5 - by AntonYo! (freeware)
# [http://www.foofus.net/fizzgig/pwdump/ pwdump6] - by fizzgig (GPL), improvement of pwdump3e
#* [http://www.foofus.net/fizzgig/fgdump/ fgdump] - by fizzgig, improvement of pwdump6 w/ addons
# [http://www.514.es/2007/06/pwdump7.html pwdump7] - by Andres Tarasco (freeware), uses own filesystem drivers* [http://passwords.openwall.net/microsoft-windows-nt-2000-xp-2003 Openwall password tools] - with copies of pwdump2, pwdump3, pwdump3e, pwdump4, pwdump5, pwdump6, and pwdump7
Also consider COPYPWD by System Tools which can import password hashes for system migration or password synchronisation.
See related, [http://www.liddicott.com/~sam/?p=97 SKCLONE, imports and exports passwords on 32 and 64 bit windows] .
Wikimedia Foundation. 2010.
