Cracking Windows NT/2000 Passwords Using L0phtCrack
¨Attacker must get a copy of the encrypted/hashed password representations stored in the SAM database of target machine
¨L0phtCrack includes “pwdump” tool for dumping Windows NT password representation from a local or remote machine across the network
–Requires administrator privileges on target machine
¨Pwdump3 http://www.ebiz-tech.com/pwdump3/ allows attacker to dump passwords from a SAM database or a Windows 2000 Active Directory
¨