Seems I have misunderstanding with you and Vladimir's question.
I don't know how MBSA to do for weak password checking. But depend on my
limited and tiny knowledge of Windows system security, the password was
stored either in local security accounts manager (SAM) database or Active
Directory. please refer to this page
Unfortunately, the SAM is a dark box. Microsoft said that we can't access
the SAM database directly by any method, but only through LSA system
interface. But LSA system is also a dark box, there are many of exported
functions without document released. And I think Microsoft's guy will not
open the secret to the world forever, because we don't know who is good guy
to write a program for enhance security and who is bad guy to write a program
for steal someone's password. If Microsoft open the secret, then Windows OS
will not be secured anymore.
I believe that MBSA has some secret to check weak password, may be handle
the database of SAM through un-documented API of LSA, or may be try to attack
each account by closet attack, who know. Unless, we write a program to filter
and capture the each function calls when MBSA doing on weak password.
Sorry for I can't help you for this topic, may be some of Microsoft's guy
who programming LSA or MBSA will know how to do.
Post by Sam Hobbs
Thank you, Johnny.
I certainly will be careful if I were to do something such as writing a Gina
I am not the person that posted the original question, but note that
Vladimir asked how MBSA detects a "blank or weak password". I believe you
that MBSA does not get the password. Therefore MBSA is somehow testing the
validity of various gueses, right? I don't know a lot about security, but I
have read enough about security (including many messages in this newsgroup)
to know that one of the most commonly used techniques to crack a password is
to simply try many possibilities but it is often unnecessary to compare the
actual password to determine if it is a match.
I am sorry I am not using the correct terminology but I hope you understand
what I mean. Also, if I knew what terminology to use in a search, I probably
can find what I need in previous answers in this newsgroup.