ELCOMSOFT.COM » Proactive System Password Recovery

User interface

Top  Previous  Next

The program menu is located at the left of the main screen, just as in Microsoft Outlook, and it contains buttons for the Main menu, Advanced features, Revelation, Miscellaneous, Recover PWL, Options, Help and Exit.  Click on a button to switch to the appropriate pages.

 

Most interface elements (such as buttons, rows in the "list view" windows, etc.) have pop-up "tooltips" which give more details about them: e.g., what action will be performed when the button is pressed. "List view" elements also have context-sensitive menus appearing on a right button click.

 

The program also supports keyboard hotkeys. Use CTRL-<digit> to select the high-level menu item, and ALT-<digit> to switch to the low-level item under it (in order).

 

Main menu (CTRL-1)
Logon password
Cached passwords1
RAS entries
Shared info
Recovered hashes2
Screensaver password1
Domain cached credentials3
Advanced features (CTRL-2)
Groups and users2
NT secrets3
Run as2
Windows CD key
Net passwords4
Revelation (CTRL-3)
Behind asterisks
Control reviver
Registry and AD2
Password reset disk4
Mail/FTP server emulator
Misc (CTRL-4)
Protected storage
Remote assistance4
Script decoder
Remote desktop
Wireless network5
Recover PWL (CTRL-5)
View PWL file
Bruteforce attack
Dictionary attack
Options (CTRL-6)
General options
PWL bruteforce options
PWL dictionary options
NT hash options
Help (CTRL-7)
Register the program
Help
About
System information

 

1 Available only on Windows 95, Windows 9 and Windows Me

2 Available only on Windows NT and up

3 Available only on Windows 2000 and up

4 Available only on Windows XP and up

5 Available only on Windows XP SP1 and up, when Wireless Zero Configuration service is used

 

The program also supports a few command-line switches:

 

-h

Help (shows command line switches)

-c <archive file name> <file or mask>

Compress the given file(s) into CAB archive

-d

Delayed run (starts after 10 seconds)

-u <user name> [-p <password>]

Starts using the credentials of the given user

-v <PWL-file> [-u <user name> [-p <password>]]

Shows PWL file using given user name and password

-noipr

Disables the IPR* feature

 

*IPR stands for Intelligent Password Recovery, and unique feature of PSPR which works transparent to the user, but really helps to recover long and complex passwords, as well as improves the program performance. When it is enabled, the program collects all passwords from the system when it starts (not every time, but on the first run and then on a regular basis) - of course, only those ones that can be recovered instantly or in a very short time (from secrets, Internet Explorer and Outlook Express, Mozilla, some network clients, network credentials etc). Then, all those passwords are compiled into the special internal dictionary/wordlist (saved as passdef.ssd in the program folder), and used in further recovery tasks where the encryption is really strong and requires time-consuming brute-force or dictionary attacks. For example, there is a good chance that some user account (used to log on into the system) has the same password as one of Outlook Express credentials. However, logon passwords are relatively hard to break, while OE passwords are saved in the system; and with IPR, such logon password will be recovered instantly.

 

However, collecting/updating IPR data may take some time - usually a few minutes, but sometimes more. Also, the program may even 'hang' on that step (i.e. when it starts) on certain circumstances, i.e. on a heavy loaded systems with a lot of accounts. If you encounter such problem, simply terminate PSPR from the Task Manager and restart it with -noipr switch.


Get more information about Proactive System Password Recovery
Get full version of Proactive System Password Recovery

(c) 2014 ElcomSoft Co.Ltd.