Retrieves syskey and extract hashes from windows 2k/nt/xp/vista sam.
samdump2 [OPTIONS] SYSTEM_FILE SAM_FILE
samdump2 is designed to dump Windows 2k/NT/XP password hashes from a SAM file, using the syskey bootkey from the system hive.
-d
enable debugging
-h
display this help
-o file
write output to file
samdump2 -o out /mnt/ntfs/WINDOWS/system32/config/system /mnt/ntfs/WINDOWS/system32/config/sam
This manual page was written by Adam Cecile <[email protected]> for the Debian system (but may be used by others) and modified by Objectif Securite <[email protected]> Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2.