Gethashes is an early hash password acquisition software for Insidepro Corporation. Try it on the Win7, it has no way to catch the hash value of Sam file, but on Windows XP and Windows Server 2003, this gadget is very useful.
Gethashes is a command-line tool that has the following command format: gethashes [System key file] or gethashes $Local (case insensitive).
Use Windows XP below to demonstrate the use of gethashes.
I extracted the gethashes program to the root of the D drive, open the "command Prompt" interface, switch directories to the packing directory, and then execute the following command, successfully captured the user password hash value:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/D0/wKiom1WpKRSDPgZCAADvw_AKqlI362.jpg "title=" 00.png "alt=" Wkiom1wpkrsdpgzcaadvw_akqli362.jpg "/>
We can also save the hash value of the user's password to a file:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6F/CE/wKioL1WpLCazMZ3gAAAZnNiazMw015.jpg "title=" 01.png "alt=" Wkiol1wplcazmz3gaaaznniazmw015.jpg "/>
Open Hash.txt File:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6F/D0/wKiom1WpLX-zc2P1AAGlx44L79A569.jpg "title=" 02.png "alt=" Wkiom1wplx-zc2p1aaglx44l79a569.jpg "/>
As you can see, the SAM file holds the Lm-hash value and the Ntlm-hash value of the user's password. As for what is Lm-hash and Ntlm-hash? You can read this article: http://qlxmy.blog.51cto.com/8016580/1675464.
This article is from the "industrious Little ant" blog, please make sure to keep this source http://qlxmy.blog.51cto.com/8016580/1675841
Use Gethashes to get Windows user password hash value