I have recently downloaded a version of Backtrack in the belief that it is much similar to auditor.
I have used auditor many times to recover passwords etc for the general manager and other people in these roles. These passwords are often forgotten because of security really being enforced here.
I used to just use the commands below:
“bkhive-linux /hard disk name/WINDOWS/system32/config/system syskey.txt”
After BKHIVE was run then i used to run SAMDUMP2
“samdump2-linux /hard disk name/WINDOWS/system32/config/SAM syskey.txt >password-hashes.txt”
After this i just used John the ripper on the password hashes file and this presented me with the administrator password (Which was also changed to the users password for security. Personally a stupid policy).
Although this doesnt seem to work with Backtrack 3 as i have installed it onto a USB stick for more portability and i plan to create a file to do this with just a click
Any help is muchly appreciated
