Difference between revisions of "Bkhive, samdump2, john"

From Notes_Wiki
Revision as of 16:36, 28 August 2022


We can use bkhive, samdump2 and john to crack Windows passwords. Weak passwords get cracked within minutes using this technique.

  1. Copy 'C:\Windows\system32\config\sam' and 'C:\Windows\system32\config\security'. These files cannot be copied while Windows is running, even as administrator, so you have to boot the target PC from a Live CD to get them.
  2. Unzip Bkhive.zip in some folder.
    Usage: bkhive systemhive keyfile
    So type the command: 'wine Bkhive.exe system keys.txt'
    Here 'system' is the SYSTEM registry hive (the systemhive argument) and keys.txt is the key file that step 4 reads.
    Note: Use Bkreg in place of Bkhive for pre-SP4 systems.
  3. Unzip Samdump2.zip in some folder.
  4. Type the command 'wine Samdump2.exe SAM keys.txt > hashes.txt'
  5. Now use 'john hashes.txt' to crack the passwords.
  6. To see the cracked passwords later, just type 'john -show hashes.txt' in the same folder. This works because john keeps a john.pot file in that folder. John also stores some information in ~/.john.

Note: We can start john using 'john --session=imp' and press 'Ctrl+C' to stop it partway through. To resume, we can use 'john --restore=imp'.
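
The hashes.txt file from step 4 already shows which accounts are weakly protected before any cracking is attempted. The following is an added example, not part of the original wiki page or of any of the tools above: a small audit script that assumes hashes.txt is in pwdump format (user:rid:LM:NT:::) and that empty hashes may appear as the 'NO PASSWORD' placeholder. The sample lines and the names audit_line and audit are constructed for illustration.

```python
"""Audit a pwdump-format hashes.txt (user:rid:LM:NT:::) for weak password storage."""
import sys

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty password
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of an empty password

# Constructed sample lines, not real accounts or real password hashes.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:00112233445566778899aabbccddeeff:::
Guest:501:NO PASSWORD*********************:NO PASSWORD*********************:::
alice:1001:0123456789abcdeffedcba9876543210:ffeeddccbbaa99887766554433221100:::
bob:1002:0123456789abcdefaad3b435b51404ee:0f1e2d3c4b5a69788796a5b4c3d2e1f0:::
"""


def is_empty(value, empty_hash):
    """True for the known empty-password hash or the 'NO PASSWORD' placeholder."""
    return value == empty_hash or value.startswith("no password")


def audit_line(line):
    """Return (user, findings) for one pwdump line, or None if it does not parse."""
    fields = line.strip().split(":")
    if len(fields) < 4:
        return None
    user, lm, nt = fields[0], fields[2].lower(), fields[3].lower()
    findings = []
    if is_empty(nt, EMPTY_NT):
        findings.append("blank password")
    if not is_empty(lm, EMPTY_LM):
        findings.append("LM hash stored")
        # LM hashes each 7-character half separately; an empty second half
        # means the whole password fits in the first 7 characters.
        if lm[16:] == EMPTY_LM[16:]:
            findings.append("password is 7 characters or fewer")
    return user, findings


def audit(lines):
    """Map each user with at least one finding to its list of findings."""
    parsed = filter(None, map(audit_line, lines))
    return {user: findings for user, findings in parsed if findings}


if __name__ == "__main__":
    source = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE.splitlines()
    for user, findings in audit(source).items():
        print(f"{user}: {', '.join(findings)}")
```

Accounts reported with "LM hash stored" are the ones to fix first: enable the "Network security: Do not store LAN Manager hash value on next password change" policy and have those users change their passwords.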
