(05-19-2017, 06:03 PM)Sherlock12 Wrote: Thanks for the replies, most helpful. I was able to pull the hash successfully with Mimikatz. Step by step as follows:
1) Download Mimikatz
2) Extract target SAM and SYSTEM hives
3) Move SAM and SYSTEM hives to Mimikatz folder
4) Run Mimikatz
5) Use the following command within the Mimikatz interface: lsadump:am /system:SYSTEM /sam:SAM
This was my first time using this forum, big fan of the results!!
so basically what u did was to take these two files (C:\Windows\System32\config\SAM & SYSTEM)offline and use Mimikatz afterwards on a different machine ?
(05-20-2017, 03:15 PM)justme Wrote: Authentication credentials for MS accounts are stored in registry (Win8) and system directory (Win10). Strong pbkdb2 is used to protect the credentials. No point to brute. You can successfully try to brute DPAPI master key instead to figure out user's logon password without accessing SAM hashes.
can u clarify ur self please