SAMInside is the first utility in the world which started to work with passwords encrypted by system key SYSKEY!

SAMInside passwords attack code is wholly written on Assembler what lets to get high speed of passwords attack.

Program also correctly extracts Windows NT/2000/XP/2003 users' names and passwords from the SAM Windows registry files in national symbol encoding.

SAMInside uses SAM Windows registry file (and Windows registry file SYSTEM if additional SYSKEY encryption is enabled) to recover Windows users' passwords. It also lets to import hashes (i.e. encoded passwords) of users from files of different formats

Here are some key features of "SAMInside":

· "Import from SAM and SYSTEM registry files" - import hashes from SAM Windows registry file. If there's additional encryption by SYSKEY in the imported SAM file (it's on default enabled in Windows 2000/XP/2003), then the program will also need SYSTEM Windows registry file located at the same Windows directory there SAM file is - in the folder %SystemRoot%System32Config. Copies of these files may be also found in %SystemRoot%Repair and %SystemRoot%RepairRegBack folders. (Note: %SystemRoot% - is a system directory of OS Windows, usually folder C:WINDOWS or C:WINNT).
· "Import from SAM registry file and file with system key" - import encrypted passwords from SAM Windows registry file using file with system key SYSKEY.
· "Import from PWDUMP file" - import hashes from text file of PWDUMP program format. You can find test files with such hashes in the SAMInside program archive.
· "Import from *.LC file" - import hashes from files created by L0phtCrack program.
· "Import from *.LCP file" - import hashes from files created by LCP4/LCP5 programs.
· "Import from *.LCS file" - import hashes from files created by LC4/LC5 programs.
· "Import from *.HDT file" - import hashes from projects created by Proactive Windows Security Explorer program.
· "Import from *.LST file" - import hashes from the LMNT.LST file, created by Cain&Abel program.
· "Import from local machine ..." - import encoded passwords from the local machine (to do that launch the program with Administrator user's rights). The program uses the following methods to get local hashes:
1. " ... using LSASS" - import local hashes using connection to LSASS process.
2. " ... using Scheduler" - import local hashes using system utility Scheduler


Limitations:

· Only Latin capitals may be used for brute-force attack.
· Mask attack is unavailable.
· Only one table is available for attack with pre-calculated tables