Intro to hashing
To log in we type our password, and Windows lets us in if the password is correct. But how does Windows determine whether it is correct? The OS has to compare it against something, so that something must be saved somewhere on the hard disk. What actually happens is that Windows stores the database of all users, along with their hashed passwords, in a file called SAM (Security Accounts Manager). The default location is C:\WINDOWS\system32\config\SAM. The file is not accessible while the OS is in use, so we use a live CD or bootable USB to access it. The passwords inside SAM are hashed using algorithms like LM and NTLM, which are complex and not easy to crack. Since cracking is not easy, what we can do instead is replace the stored hash with the hash of the password we want. To do all this we use the Linux package called chntpw.
chntpw can be installed on various Linux distros (I am using Ubuntu). Once we boot into Linux, it can access the SAM file and edit it.
Installing chntpw
After booting from the live disc, install chntpw. It is available as binary packages for various Linux distros:
http://pkgs.org/search/?keyword=chntpw
Or you can install it manually from the terminal using the command:
sudo apt-get install chntpw
Resetting password
To mount the hard disk automatically, open the home folder and click the device under Devices. The hard disk is now mounted.
Go to the terminal and type cd /media
Using the dir command, find the weird name of the hard disk; mine is "6424A36924A33D44". For the default path (otherwise just search for the SAM file), type cd 6424A36924A33D44/WINDOWS/system32/config
Type dir to list the files.
Type chntpw -l SAM to view the list of all users along with their privileges.
For me, this is what I get.
To change a password, type chntpw -u "username" SAM.
To change the password of buser, I can type
chntpw -u buser SAM
That's it: enter the new password and reboot!
Good job guys... :)
Good one. But it does not show the current password. Is there any option for that?
These passwords are hashed such that they cannot be reversed using any function. But there are files called rainbow tables which store small words along with their hashes. Using some special tools to look up the given hash in rainbow tables, you can give it a try; it may crack a small password, but the chances are low.