Description:
SAMInside program is designated to recover Windows NT/2000/XP/2003/Vista users’ passwords and has some outstanding features:

1. The program has small size, doesn’t require installation and can be run from diskette, CD/DVD-disk or USB-drive.
2. Includes over 10 types of data import and 6 types of passwords attack:
- Brute-force attack;
- Distributed attack;
- Mask attack;
- Dictionary attack;
- Hybrid attack;
- Pre-calculated tables attack.
3. Forcing program code is written completely on Assembler what lets to get extremely high speed of password forcing procedure on any processor.
4. Program correctly extracts Windows NT/2000/XP/2003/Vista users’ names and passwords in national symbol encoding.
5. The program is the first utility in the world which started to work with passwords encrypted by system key SYSKEY!

Data import

SAMInside has the following data import features:

* “Import from SAM and SYSTEM registry files” - import of users’ data from SAM registry file. If there’s additional encryption by SYSKEY in the imported SAM file (on default enabled in Windows 2000/XP/2003/Vista), then the program will also need SYSTEM Windows registry file located at the same Windows directory there SAM file was - folder %SystemRoot%\System32\Config. Copies of these files may be also found in %SystemRoot%\Repair and %SystemRoot%\Repair\RegBack folders. (Note: %SystemRoot% - is a system directory of OS Windows, usually C:\WINDOWS or C:\WINNT).
* “Import from SAM registry file and file with system key” - import of users’ from SAM Windows registry file using file with system key SYSKEY.
* “Import from PWDUMP file” - import of users’ data from text file of PWDUMP program format. You can find test files with users in the SAMInside program archive.
* “Import from *.LC file” - import of users’ data from files created by L0phtCrack program.
* “Import from *.LCP file” - import of users’ data from files created by LC+4 and LC+5 programs.
* “Import from *.LCS file” - import of users’ data from files created by LC4 and LC5 programs.
* “Import from *.HDT file” - import of users’ data from projects created by Proactive Windows Security Explorer program and Proactive Password Auditor program.
* “Import from *.LST file” - import of users’ data from the LMNT.LST file, created by Cain&Abel program.
* “Import local users …” - import of local users’ data (to do that launch the program with Administrator user’s rights). The program uses the following methods to get local users:

1. ” … using LSASS” - import of local users’ data using connection to LSASS process.
2. ” … using Scheduler” - import of local users’ data using system utility Scheduler.

* The program also lets to add users with known LM/NT hashes through the dialog box (Alt+Ins).

Maximal users quantity program works with is 65536.

Data export

SAMInside has the following data export features:

* “Export users in PWDUMP file” - export all users’ data to text file in the PWDUMP program format. Then you can load got file to any passwords recovery program you like.
* “Export selected users in PWDUMP file” - export selected users’ data to text file in the PWDUMP program format.
* “Export found passwords” - export found passwords in format “User name: Password”.
* “Statistics export” - export of current program statistics to the text file.

Passwords recovery

Brute-force attack:

This kind of attack is exhaustive search of all probable password variants.

Brute-force attack also includes distributed attack. This kind of attack allows to use several different computers to recover passwords distributing passwords to process between them. This kind of attack is enabled automatically when user sets more than one computer to participate in attack. Then feature of range selection for current computer becomes available. So, to start distributed attack you need to:

1. Run program on several computers.
2. Choose number of computers for attack.
3. Make the same settings for attack for all computers.
4. Choose special range for passwords attack for each computer.
5. Run brute-force attack on every computer.

Mask attack:

This kind of attack is used if there’s any information about the password. For example:
- Password starts from the symbol combination “12345″;
- First 4 symbols of the password are numbers, others are letters;
- Password has 10-symbol length and there’s symbol combination “admin” in the middle of the password;
- etc.

Mask attack settings allow to form mask for passwords to attack and to set maximal length of passwords to process. Mask setting is the following: if you don’t know N-symbol of the password, then set N-checkbox of mask and choose mask for this symbol in appropriate textual field. If you know any symbol of the password, enter it to N textual field and switch off mask checkbox.

Program uses the following masks:
? - any printable symbol (ASCII-codes 32…255).
A - any Latin capital (A…Z).
a - any small Latin (a…z).
S - any special symbol (!@#…).
N - any number (0…9).
1…8 - any symbol from custom symbol set; you may have up to 8 sets specified.

Dictionary attack:

Dictionary is text file consisted of commonly used passwords like
123
admin
master
etc.

Dictionary attack settings include hybrid attack, i.e. feature to append up to 2 symbols before or after the password what lets to recover passwords like “master12″ or “#admin”.

Pre-calculated tables attack:

This type of attack uses Rainbow technology (http://www.antsight.com/zsl/rainbowcrack/) to create pre-calculated tables.

Additionally:

* All kinds of attack require additional specification what type of hashes (LM or NT) to use for password recovery.
* Mark the files you’re going to use for dictionary attack (in the dictionary files list) and for pre-calculated tables attack (in the tables list).

Command line parameters

The program may be managed using the following command line parameters:

-hidden : launch program in the hidden mode;
-noreport : prohibits program reporting the end of attack;
-import : program will perform automatic local users import on launch;
-export : program will import local users, save it to the file SAMInside.OUT and finish work;
-minimize : run the program minimized to tray.

Additional features

* Check password for all users loaded to the program.
Enter the password to the “Current password:” textual field and press F2. Then program will check the password for all users who have no password found.
* “Hidden mode” of program work (Ctrl+Alt+H).
When you choose this mode the program will disappear from display and from taskbar.
To return from hidden mode press the same key combination.

There are also the following console utilities to work with SAM and SYSTEM Windows registry files in the program archive:

* GetSyskey - the program extracts SYSKEY key from the SYSTEM registry file and saves it to the separate 16-byte file.
* GetHashes - the program gets users’ hashes using SAM registry file and SYSKEY key.

Homepage:

1×270kb
|RS|
Download.
|MU|
Download.
|Spreadmyfiles|
Download.
|Uploaded|
Download.
|1filesharing|
Download.
|Ezuploads|
Download.