pwdump is the name of various Windows programs that output the LM and NTLM password hashes of local user accounts from the Security Account Manager (SAM). In order to work, it must be run under an Administrator account, or be able to access an Administrator account on the computer where the hashes are to be dumped. Pwdump could be said to compromise security because it could allow a malicious administrator to access user's passwords.
- pwdump (1997) — original program by Jeremy Allison.
- pwdump2 (2000) — by Todd Sabin of Bindview (GPL), uses DLL injection.
- pwdump3 — by Phil Staubs (GPL), works over the network.
- pwdump3e — by Phil Staubs (GPL), sends encrypted over network.
- pwdump4 — by bingle (GPL), improvement on pwdump3 and pwdump2.
- pwdump5 — by AntonYo! (freeware).
- pwdump6 (c. 2006) — by fizzgig (GPL), improvement of pwdump3e. NO source code.
- fgdump (2007) — by fizzgig, improvement of pwdump6 w/ addons. No source code.
- pwdump7 — by Andres Tarasco (freeware), uses own filesystem drivers. No source code.
This article needs additional citations for verification. (June 2017) (Learn how and when to remove this template message)
- Allison, Jeremy (30 September 2012). "Index of /pub/samba/pwdump". Samba. Retrieved 15 June 2017.
- Sabin, Todd (1 February 2017). "New version of PWDump2 allows dumping of password hashes Active Directory". SecuriTeam.com. Retrieved 15 June 2017.
- Openwall password tools - with copies of pwdump, pwdump2, pwdump3, pwdump3e, pwdump4, pwdump5, pwdump6, fgdump, and pwdump7
|This security software article is a stub. You can help Wikipedia by expanding it.|