Packages and Binaries:

samdump2

This tool is designed to dump Windows 2k/NT/XP password hashes from a SAM file, using the syskey bootkey from the system hive.

This package also provides the functionality of bkhive, which recovers the syskey bootkey from a Windows NT/2K/XP system hive.

Syskey is a Windows feature that adds an additional encryption layer to the password hashes stored in the SAM database.

Installed size: 44 KB
How to install: sudo apt install samdump2

Dependencies:

libc6
libssl3t64

samdump2

Retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM.

root@kali:~# samdump2 -h
samdump2 3.0.0 by Objectif Securite (http://www.objectif-securite.ch)
original author: [email protected]

Usage: samdump2 [OPTION]... SYSTEM_FILE SAM_FILE
Retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM

  -d		enable debugging
  -h		display this information
  -o file	write output to file

Updated on: 2024-May-23

Edit this page

rz-ghidra scalpel