Forum Discussion
Windows Security blocked a threat in Hirens BootCD
Hirens BootCD version 10.2 (older version)
It found PWDump!rfn and Google AI says The !rfn part is not a standard, publicly documented command-line switch for PWDump
Did a search in these forums for "PWDump" and got no hits
Anyone know anything about this? I'm guessing it's OK and that it only has POTENTIAL for misuse.
I downloaded Hirens BootCD for my neighbors Windows 7 computer that won't boot.
3 Replies
Coz the ISO image is not signed.
PWDump is a utility used to extract password hashes from Windows SAM (Security Account Manager) database.
Sometimes, tools like PWDump are customized or bundled with scripts that add extra commands or switches. The !rfn could be part of a custom wrapper, a renamed version, or a specific flag used by a particular build.
