.net - Retrieving Windows Password Hint from the registry -

.net - Retrieving Windows Password Hint from the registry -

i have been trying extract windows login password hint windows 7 programmatically , came know can retrieved next location in registry hklm\sam\sam\domains\account\users\"userkey"\userpasswordhint however, not able figure out there way find out userkey logged-on user programmatically?

if can current user name, it's quite easy, using same registry tree.

take in hklm\sam\sam\domains\account\users\names\{username}. value of entry relate proper userkey.

of course of study remember hint may not exist.

edit

ha! nailed it!

as said in comment, it's not values of node contain proper value, it's type of default entry of node. it's hard, if not impossible, obtain c#, types not standard. have troubles approach, changed it.

the hexadecimal value phone call userkey is, in fact, lastly part of user sid (this part called rid). far know, every administrator has rid = 500, every invitee = 501, normal users starting 1000 or 1001, can't remember right now.

and in hexadecimal?

500 = 0x1f4 501 = 0x1f5 1000= 0x3e9 ...

looks familiar?

so need sid of user, extract interesting part, convert padded hexadecimal string , retrieve value.

static void main(string[] args) { securityidentifier sid = system.security.principal.windowsidentity.getcurrent().user; var rid = sid.tostring().split('-').last(); var hexvalue = int.parse(rid).tostring("x").padleft(8, '0'); registrykey key = registry.localmachine.opensubkey(@"sam\sam\domains\account\users\"+hexvalue); seek { var hint = key.getvalue("userpasswordhint"); //... } grab (exception) { console.writeline("could not access value"); } }

watch out!

as far know cannot access sam database if you're not privileged enough. running scheme user (e.g. psexec -s yourbinary.exe) helps, changes current user, , programme fails. need work out on own how run interesting user.

.net windows c#-4.0 regedit