Jump to content


Recommended Posts

Hi everyone!!

since from win10 version 1607 latest pwdump and other similar tools stop to dumps hash correctly, we decided to code a new version of pwdump8 that supports newly AES-encrypted hashes!!
No source code was released at this time, but you can find binaries available to download on our site

Enjoy your hashes!!


Link to comment
Share on other sites

  • 9 months later...
  • 2 months later...


1st question: we know about that. and all tools on the kali suite as far as im concerned (last time i checked..) dumps the wrong hash.. maybe this will be the time ill write to offensive-security to add our new (and working) version...

2nd question: it's due to backward compatibility: it's true that LM hashes are disabled by default, but you can still force win to enable that. and because of that, the registry keys holding those hashes keeps "a place" also for the LM hashes to guarantee backward compatibility. because we deal with a raw registry binary key, and the program works in terms of simple offsets, (where those hashes are stored) we dump anyway the hash.

there are 3 possibilities:

- LM is disabled: the space holding the hash is filled with 0s (so we dump what is called "the empty LM hash")

- LM is enabled but password not set: again, filled with 0s and again we dump the empty hash

- LM is enabled and a password is set: we dump the corresponding hash

So, if the doubt is: do we tell between 1st and the 2nd case? the answer is, actually, no. I don't remeber if that information is inside those same reg keys we use for the actual dump, or anywhere else... i could fix it up for sure on a "live" dump (on a live system), for offline dump it depends on it, i wont add more keys to be exported, to maintain the same behavior of the others pwdump versions... I will check!

i hope now everything its clear... for further question write to us @ info@blackmath.it! I hope you (and me) soon will find pwdump8 in the kali repo!

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...