Founded in 1990, ElcomSoft Co. Ltd. is a leading developer of digital forensics tools. The company offers state-of-the-art solutions for businesses, forensic and law enforcement specialists, provides training and consulting services on mobile and computer forensics. ElcomSoft forensic products and tools are used for criminal investigations by the law enforcement. Today, the company offers the complete range of mobile and computer forensic tools, corporate security solutions and tools for IT security audits.
ElcomSoft tools are used by most of the Fortune 500 corporations, multiple branches of the military all over the world, foreign governments, and all major accounting firms. ElcomSoft is a Microsoft Partner (Gold Application Development), Intel Premier Elite Partner and member of NVIDIA’s CUDA/GPU Computing Registered Developer Program.
Proactive System Password Recovery
Recover many types of Windows passwords and review hidden information such as product keys. Extract Wi-Fi encryption keys (WEP and WPA-PSK), VPN, RAS and dial-up passwords, passwords to network shares and RDP.
Extract many types of passwords from Windows systems
Quickly build a custom dictionary consisting of users’ existing passwords
Reveal passwords to network shares, RAS, dial-up and RDP connections
Recovers passwords that cannot be instantly extracted
Supports: auto logon passwords, Windows user passwords, Wireless encryption keys (WEP and WPA-PSK), stored user passwords, VPN, RDP, RAS and dial-up passwords
Instantly Recover Windows Passwords
If the user can log in to Windows, Proactive System Password Recovery recovers many types of passwords instantly and without lengthy attacks, as well as displays hidden system information such as Product ID and CD Key.
Features and Benefits
Proactive System Password Recovery is not limited to retrieving passwords, and allows manipulating with user credentials and Registry files.
Control over user credentials: runs any program with other user’s credentials
Displays password history hashes
Reads and decrypts password hashes directly from Registry files (SAM and SYSTEM)
Backs up Registry files and Active Directory database from local or remote computers
Decrypts Windows scripts protected with Script Encoder
Shows all users, their group membership and privileges
Activates disabled controls
Decrypts and browses Windows Protected Storage that keep passwords and auto-complete records for Internet Explorer, Outlook, and Outlook Express
Browses ‘LSA Secrets’ records
Displays Product ID and CD Key for Windows and Microsoft Office installations
Supports Windows 7 (including password for HomeGroup, cached logon password and password history hashes)
Extracts saved passwords from Apple Safari (and use them in Intelligent Password Recovery engine)
Certain types of passwords that cannot be recovered instantly are attacked with advanced, highly customizable combinations of dictionary and brute-force attacks.
Many computer users protect different accounts with exactly the same passwords, or with slight variations of a single password. Proactive System Password Recovery automatically adds each password it discovers into a dictionary, quickly unlocking accounts protected with any of the previously recovered passwords and their variations. As many types of passwords are discovered instantly, the chances of unlocking other types of accounts in just minutes are very high.
Advanced Social Engineering
There are passwords that can be recovered instantly, and there are secure passwords that require lengthy attacks to be recovered. However, many computer users use the same or similar passwords to protect various system resources, and even use the same passwords to protect their system accounts.
Proactive System Password Recovery employs an advanced social engineering technology to retrieve all instantly recoverable passwords and try these passwords when unlocking secure ones. Moreover, Proactive System Password Recovery adds all recovered passwords into the dictionary and performs a dictionary attack that is orders of magnitude faster than the brute force recovery.
Types of Passwords
Proactive System Password Recovery can retrieve various passwords assuming that the user has logged in to the system.
Windows 95/98/ME logon password (user must be logged on)
Windows NT4/2000 logon password (user must be logged with administrative privileges)
Windows 7 logon password (if it has not been changed)
Windows 95/98/ME/NT4/2000/XP/2003 auto logon password
.NET Passport password
Wireless encryption keys (WEP and WPA-PSK) that are stored with WZC
Windows XP stored user passwords (multiple credentials)
RAS and dial-up passwords
Passwords to VPN (Virtual Private Network) connections
Passwords and access rights to shared resources
Passwords hidden under the asterisks
Password stored on Password Reset Disk
Passwords to Remote Desktop Connections
Windows 7 HomeGroup password
Not all types of passwords can be recovered instantly. Windows securely encrypts several types of passwords, making it necessary to apply advanced attacks in order to recover them.
Many users have passwords that contain words from their native language, numbers and dates from their life, combined with random numbers and characters. ElcomSoft implements several advanced technologies that allow faster recovery. A highly customizable dictionary attack allows specifying various modifiers to the dictionary words. Advanced masks make it possible to specify pieces of information that are known or can be guessed about a password in order to speed up the recovery. The following passwords are quickly recovered with advanced attacks.
Windows NT/2000/XP/2003/Vista/2008/WIndows 7 user passwords