Which algorithms are used (which hash, do they use salt, …)
Only the MD4 hash is normally used. It is not salted, since the SAM database is only accessible to the Administrators group and to the NT AUTHORITY\SYSTEM internal account.
The LM hash is only stored for compatibility reasons. (See paragraph below.) It is very insecure (its history starts with OS/2 and MS-DOS), and crackable in (I think) minutes. Windows only uses it when logging in to old servers; however, if stored it can be extracted with a LiveCD or such.
In Windows 7, storing of LM hashes is disabled. In earlier releases you can disable it manually in security policies (secpol.msc → Local Policies → Security Options → Network Security: Do not store LAN Manager hash).
Where are the passwords stored?
Security Accounts Manager database – a part of the Registry, stored under
Since Windows 2000, the SAM database is additionally encrypted by default.
<afaik> The key is scattered all over the (same) registry file, but is still recoverable. </afaik> But if you want, you can move the encryption key to a floppy drive, or use an additional password. (You will be asked for it on boot.) This is done using SYSKEY (
(SYSKEY support was added in NT 4.0 SP3, but disabled by default until W2000.)
Are there known exploits?
Cracking LM hashes? More than you can imagine.
MD4 seems to be more secure, but be sure to read that Wikipedia article.