Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker...)

Andy Brown a.brown at
Tue Dec 12 02:48:33 PST 1995

Ted Cabeen wrote:

> I took a quick look in my NT registry and you can get access to the Account
> Manager section of the registry by manually changing the permissions and
> giving yourself access.  I didn't have the time to look at all of the
> entries in the registry, but there's a lot of stuff there and I wouldn't be
> suprised if the encryted passwords were available.  Of course, you have to
> be an administrator to change the permissions, but it is possible.

The encrypted passwords are in the "SECURITY" section, which the OS will not
let you change the permissions to.  Most user account information is available
under NT via the NetUser... API functions, the passwords are not.  You probably
came across the settings for the Security Account Manager, not the data that it
looks after.


- Andy

More information about the Testlist mailing list