A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

What

Description

The user passwords are stored in a hashed format in a registry hive either as a LM hash or as a NTLM hash. This file can be found in %SystemRoot%/system32/config/SAM and is mounted on HKLM/SAM.

%SystemRoot%/system32/config/SAM and is mounted on HKLM/SAM.

The use of dd

Cloning a partition

From physical disk /dev/sda, partition 1, to physical disk /dev/sdb, partition 1.

# dd if=/dev/sda1 of=/dev/sdb1 bs=64K conv=noerror,sync

Warning: If output file of= (sdb1 in the example) does not exist, dd will create a file with this name and will start filling up your root file system!

Cloning an entire hard disk

From physical disk /dev/sdX to physical disk /dev/sdY

# dd if=/dev/sdX of=/dev/sdY bs=64K conv=noerror,sync