Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: LophtCrack and SAM Passwd

from [Brendan Dolan-Gavitt] Network Security [Permanent Link]
Subject: Re: LophtCrack and SAM Passwd
Date: Wed, 20 Dec 2006 09:37:05 -0500 
More specifically: the hashes were likely encrypted with syskey
(turned on by default in Win2k/XP IIRC). Go get bkhive and samdump2
(also available for linux!) to get the actual hashes, and then make
short work of them with ophcrack or RainbowCrack. If the passwords are
alphanumeric, you should be able to do this in about 5 minutes total,
including pulling the SYSTEM and SAM hives :)

On 12/20/06, Jerome Athias <jerome.athias@free.fr> wrote: 
Hi,

ophcrack is the faster (soft) way to do this
rainbowcrack is the second alternative (
http://www.freerainbowtables.com could help ;-))

Good luck

William Woodhams a écrit :
> I have a system that recently got hacked and the passwords on the
> machine were compromised.  I want to get back into this system for
> forensic reasons.  Unfortunately when I dumped the SAM file and tried
> cracking it with LophtCrack nothing worked.  I ran it for a good 10
> hours with no success on any account.  I was thinking maybe my word list
> was not big enough.  So the questions are:
>
> A.  Anyone have any good sources for large word lists?
> B.  Any other application for cracking SAM's that I have not thought of?
> I have ran it through a couple smaller security apps (names escape me at
> the moment.)
>
> Thanks,
>
> Bill Woodhams
>
>
>


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: LophtCrack and SAM Passwd, Justin Lintz
Next by Date:  RE: Trend Micro's Vista "0day exploit auction" claim, Roger A. Grimes
Previous by Thread:  Re: LophtCrack and SAM Passwd, killy
Next by Thread:  Re: LophtCrack and SAM Passwd, jm
Indexes:  [Date] [Thread] [Top] [All Lists]