Where windows passwords are really located ?
Some information about windows passwords are easy to find like the registry file where passwords are located : %windir%/System32/config/SAM
But the full path where to find the hash is hardest to find ; it's stored in the windows registry under the key :
"HKLM\SAM\SAM\Domains\Account\Users\00000XXX" (where "XXX" is the account number) in a value named "V".
The hash is stored at a variable offset that is stored at offset 0x9C and is a 4 byte little endian value.
With these informations, you can find directly in the registry password data and read, copy, or change it, without any non-microsoft windows software.
PS : Some authorization modification is necessary to access "SAM" key, even with Administative account.
The other way is to lauch registry editor as system account.