This tweet seems to indicate that main changes are getSamKey and getHash: I'm considering asking on some Microsoft website if I can't find the answer to this soon. The two last fields are not the last login date too, since I kept one account with unchanged password and its V field stayed the same. Using info on this webpage I found out that 'only' LM, NT and two last unknown entries change in the V field after a password is changed. The new method doesn't put 20 in that spot so the default empty string hashes are printed instead. Is there a plan to crack this and support it in this tool? The issue is also impossible to google for because any 'windows' and 'anniversary' results are full of irrelevant info. Sadly that tool is not open source and doesn't explain how it does it. I've found out that much on my own but thank you for the link.
0 Comments
Leave a Reply. |