Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Security Account Manager
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Related attacks=== In Windows NT 3.51, NT 4.0 and 2000, an attack was devised to bypass the local authentication system. If the SAM file is deleted from the hard drive (e.g. mounting the Windows OS volume into an alternate operating system), the attacker could log in as any account with no password. This flaw was corrected with Windows XP, which shows an error message and shuts down the computer. However, there exist software utilities,<ref>An example of offline NT password attack utility: http://cdslow.org.ru/en/ntpwedit/index.html</ref> which, by the aforementioned methodology of using either an emulated virtual drive, or boot disk (usually Unix/Linux, or another copy of Windows like [[Windows Preinstallation Environment]]) based environment to mount the local drive housing the active NTFS partition, and using programmed software routines and function calls from within assigned memory stacks to isolate the SAM file from the Windows NT system installation directory structure (default: <code>%SystemRoot%/system32/config/SAM</code>) and, depending on the particular software utility being used, removes the password hashes stored for user accounts in their entirety, or in some cases, modify the user account passwords directly from this environment. This software has both a highly pragmatic and beneficial use as a password clearing or account recovering utility for individuals who have lost or forgotten their Windows account passwords, as well as a possible use as a malicious software security bypassing utility. Essentially granting a user with enough ability, experience, and familiarity with both the cracking utility software and the security routines of the Windows NT kernel (as well as offline and immediate local access to the target computer) the capability to entirely bypass or remove the Windows account passwords from a potential target computer. Only recently, Microsoft released a utility called LockSmith, which is part of Microsoft [[Desktop Optimization Pack#Restore|Diagnostics and Recovery Toolset]] (DaRT).<ref>{{cite web |title=Overview of the Tools in DaRT 10 - Microsoft Desktop Optimization Pack |url=https://learn.microsoft.com/en-us/microsoft-desktop-optimization-pack/dart-v10/overview-of-the-tools-in-dart-10 |website=learn.microsoft.com |access-date=15 November 2024 |language=en-us |date=20 April 2021 |publisher=[[Microsoft Corporation]]}}</ref> DaRT is not freely available to end-users, however.<ref>{{cite web |title=About DaRT 10 - Microsoft Desktop Optimization Pack |url=https://learn.microsoft.com/en-us/microsoft-desktop-optimization-pack/dart-v10/about-dart-10 |website=learn.microsoft.com |publisher=[[Microsoft Corporation]] |access-date=15 November 2024 |language=en-us |date=20 April 2021}}</ref> In July 2021, it was revealed there was a vulnerability within Windows 10 and Windows 11 that allowed low privileged users to access sensitive Registry database files including the SAM file.<ref>{{Cite news |last=Abrams |first=Lawrence |date=2021-07-20 |title=New Windows 10 vulnerability allows anyone to get admin privileges |url=https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/ |access-date=2024-11-12 |work=[[Bleeping Computer]]}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)