LSASecretsDump - Dump LSA secrets from the Registry

LSASecretsDump v1.10
Copyright (c) 2006 - 2007 Nir Sofer
Web Site: http://www.nirsoft.net

Description

LSASecretsDump is a small console application that extract the LSA secrets from the Registry, decrypt them, and dump them into the console window.
The LSA secrets key is located under HKEY_LOCAL_MACHINE\Security\Policy\Secrets and may contain your RAS/VPN passwords, Autologon password, and other system passwords/keys.

Versions History

Version 1.10 - Added support for Windows Vista.
Version 1.00 - First release.

License

This utility is released as freeware. You are allowed to freely distribute this utility via floppy disk, CD-ROM, Internet, or in any other way, as long as you don't charge anything for this. If you distribute this utility, you must include all files in the distribution package, without any modification !

Disclaimer

The software is provided "AS IS" without any warranty, either expressed or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. The author will not be liable for any special, incidental, consequential or indirect damages due to loss of data or any other reason.

Using LSASecretsDump

LSASecretsDump is a console application, so in order the view the output, you have to run it in console (Command-Prompt) window.
As with any console application, you dump the output into a file, for example:
LSASecretsDump.exe > c:\temp\lsa.txt

System Requirement

This utility works on Windows 2000/XP/2003. Windows 98/ME is not supported.

Feedback

If you have any problem, suggestion, comment, or you found a bug in my utility, you can send a message to nirsofer@yahoo.com

Download LSASecretsDump