Tim from the PenTest mailing list posted the following references that really delve deep into the Windows hive:
The Windows registry hive format is described here:
http://sentinelchicken.com/research/registry_format/
Also, some of Brendan Dolan-Gavitt's tools and blog
(http://moyix.blogspot.com/) posts may be helpful in figuring out
what's what in SAM hives.
No comments:
Post a Comment