I interpreted it as ... "I, or someone, extracted the SAM file and now I'm trying to crack the password in order to login and access the data." Having just the SAM completely out of context seems pretty unlikely outside of a classroom exercise.
I couldn't tell how much tongue-in-cheek you intended.
Not at all.
I originally wrote RegRipper in 2008 because the process we used at the time entailed us having access to Registry hive files, and very often not the entire image.
The same occurs today. I've engaged with more than a few teams over the past 3 - 4 yrs that would have access to Registry hives, including the SAM.
DigitalGuardian makes their wingman.exe tool available for free online...you can use this to extract the SAM hive from systems.
@keydet89 But in this case as the OP described it, if you can extract the SAM and you have possession of the laptop then the laptop is not encrypted and you never needed the SAM in the first place.
You and I briefly worked the same project circa 2009, so I can relate to having the SAM without having access to the full image but that was a very unusual environment and not one I would typically expect to see.
I retired a while back so mainly just kibitz now, but I still have two of your books.
It was nice talking with you.
> ...never needed the SAM in the first place.
Bingo.
> You and I briefly worked the same project...
Interesting. Sorry, but that doesn't tell me who you are.
Thanks.