RECOVERING WINDOWS NT PASSWORDS

Index

1) Index
2) Introduction
3) Needed Files
4) Cracking

Introduction

Note from Author: “Every once in a while you may forget your password to your Windows NT or Windows NT-like machine; this document will teach you how to get those passwords back so you may have your beautiful box again.” – slAve

Caution: This information may also be used to steal passwords! This is not the intent of this document!

NOTES:

* You need to be able to access the machine in some fashion (this can be done by simply putting in a boot floppy)
* A faster machine is preferable

Needed Files

A few things are necessary for recovering NT passwords. The program PWDUMP2 will be extremely helpful in the process of getting passwords back. The other program needed is LC3 (l0phtcrack).

Links:

http://www.webspan.net/~tas/pwdump2/
http://www.atstake.com/research/lc3/

Cracking

Now that you have PWDUMP2, open up a DOS prompt and cd to the directory that you have PWDUMP2 stored in [default: C:\pwdump2\]. Once there, type the following:

    pwdump2

This will put output on the screen that looks like a bunch of letters and numbers; this means that it works. To save its contents to a text file, type the following:

    pwdump2 > myDump.txt

This will create a new text document, myDump.txt. Remember where this file is; it is important for later.

If you have not installed LC3 yet, install it now. Open up LC3 and go through all the screens, but skip the wizard. Go to File > New Session… Now go to Import > From PWDUMP file… and select the document, myDump.txt, that you made earlier.

Now click the “Play” button and it will start cracking the passwords. If you did not use a dictionary word as a password, you will need to register your version of LC3 to use the “Brute Force” method. The cracking process can take hours, days, or even weeks, depending on the speed of the machine and the password’s length and variety in characters.

END.
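An added example, not part of the original document: the "letters and numbers" in myDump.txt are one record per account, and an administrator can audit that file for weak entries without cracking anything. The sketch assumes the usual pwdump layout `user:RID:LMhash:NThash:::`; the sample dump is constructed and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Well-known LM and NT hashes of the empty password.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
HEX32 = re.compile(r"[0-9a-f]{32}")

# Constructed sample: account names and non-empty hash values are made up.
SAMPLE_DUMP = """\
Administrator:500:0123456789abcdef0123456789abcdef:00112233445566778899aabbccddeeff:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:1122334455667788aad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
bob:1002:1122334455667788aad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
svc_backup:1003:NO PASSWORD*********************:a1b2c3d4e5f60718293a4b5c6d7e8f90:::
this line is not a dump record
"""

def parse_dump(text):
    """Yield (user, lm, nt) per well-formed record; other lines are skipped."""
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 4 and parts[1].isdigit():
            yield parts[0], parts[2].lower(), parts[3].lower()

def audit(text):
    """Map each account to its list of findings; clean accounts are omitted."""
    findings, by_nt = defaultdict(list), defaultdict(list)
    for user, lm, nt in parse_dump(text):
        if nt == EMPTY_NT:
            findings[user].append("blank password")
        elif HEX32.fullmatch(nt):
            by_nt[nt].append(user)
        # A non-hex LM field (placeholder text) means no LM hash is stored.
        if HEX32.fullmatch(lm) and lm != EMPTY_LM:
            findings[user].append("LM hash stored")
            # LM hashes each 7-character half separately; an empty second
            # half always hashes to the same 16 hex digits.
            if lm[16:] == EMPTY_LM[16:]:
                findings[user].append("password is 7 characters or fewer")
    for users in by_nt.values():
        for u in users if len(users) > 1 else []:
            others = ", ".join(x for x in users if x != u)
            findings[u].append("same password as " + others)
    return dict(findings)

if __name__ == "__main__":
    for account, notes in audit(SAMPLE_DUMP).items():
        print(f"{account}: {'; '.join(notes)}")
```

Accounts flagged here are the ones whose passwords should be changed first; accounts with no findings are left out of the result.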