samdump2

Dump Windows 2k/NT/XP password hashes

Install

All systems
curl cmd.cat/samdump2.sh
Debian Debian
apt-get install samdump2
Ubuntu
apt-get install samdump2
image/svg+xml Kali Linux
apt-get install samdump2
Fedora
dnf install samdump2
Windows (WSL2)
sudo apt-get update sudo apt-get install samdump2
Raspbian
apt-get install samdump2

samdump2

Dump Windows 2k/NT/XP password hashes

This tool is designed to dump Windows 2k/NT/XP password hashes from a SAM file, using the syskey bootkey from the system hive. This package also provides the functionality of bkhive, which recovers the syskey bootkey from a Windows NT/2K/XP system hive. Syskey is a Windows feature that adds an additional encryption layer to the password hashes stored in the SAM database.