Dump the syskey bootkey from a Windows system hive
http://ophcrack.sourceforge.net/
This tool is designed to recover the syskey bootkey from a Windows NT/2K/XP
system hive. Then we can decrypt the SAM file with the syskey and dump
password hashes.
Syskey is a Windows feature that adds an additional encryption layer to the
password hashes stored in the SAM database.
Version: 1.1.1
General Commands | |
| bkhive | bkhive dumps the syskey bootkey from a Windows NT/2K/XP/Vista system hive. |