Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

About blackMath

  • Rank

Recent Profile Visitors

420 profile views
  1. blackMath


    Hi! 1st question: we know about that. and all tools on the kali suite as far as im concerned (last time i checked..) dumps the wrong hash.. maybe this will be the time ill write to offensive-security to add our new (and working) version... 2nd question: it's due to backward compatibility: it's true that LM hashes are disabled by default, but you can still force win to enable that. and because of that, the registry keys holding those hashes keeps "a place" also for the LM hashes to guarantee backward compatibility. because we deal with a raw registry binary key, and the program works in terms of simple offsets, (where those hashes are stored) we dump anyway the hash. there are 3 possibilities: - LM is disabled: the space holding the hash is filled with 0s (so we dump what is called "the empty LM hash") - LM is enabled but password not set: again, filled with 0s and again we dump the empty hash - LM is enabled and a password is set: we dump the corresponding hash So, if the doubt is: do we tell between 1st and the 2nd case? the answer is, actually, no. I don't remeber if that information is inside those same reg keys we use for the actual dump, or anywhere else... i could fix it up for sure on a "live" dump (on a live system), for offline dump it depends on it, i wont add more keys to be exported, to maintain the same behavior of the others pwdump versions... I will check! i hope now everything its clear... for further question write to us @ info@blackmath.it! I hope you (and me) soon will find pwdump8 in the kali repo!
  2. blackMath


    Hi everyone!! since from win10 version 1607 latest pwdump and other similar tools stop to dumps hash correctly, we decided to code a new version of pwdump8 that supports newly AES-encrypted hashes!! No source code was released at this time, but you can find binaries available to download on our site Enjoy your hashes!!
  • Create New...