samdump2(1) retrieves syskey and extract hashes from Windows 2k/NT/XP/Vista SAM.

SYNOPSIS

samdump2 [OPTIONS] SYSTEM_FILE SAM_FILE

DESCRIPTION

samdump2 is designed to dump Windows 2k/NT/XP password hashes from a SAM file, using the syskey bootkey from the system hive.
-d
enable debugging
-h
display this help
-o file
write output to file

EXAMPLE

samdump2 -o out /mnt/ntfs/WINDOWS/system32/config/system /mnt/ntfs/WINDOWS/system32/config/sam

AUTHOR

This manual page was written by Adam Cecile <[email protected]> for the Debian system (but may be used by others) and modified by Objectif Securite <[email protected]> Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2.