
This topic is now archived and is closed to further replies.

teknicalissue

how do you retrieve password hashes?

8 posts in this topic

Well, this is a question to just simply satisfy my curiosity. I know there are programs like pwdump and things like that, but all I want to know is how they work: where are these hashes located, and how do those types of software retrieve them?


Hashing is one way. If the hash function is any good (Lanman is completely not) the passwords should be lost. Only methods such as rainbow tables or brute forcing are any good.


I think he was actually referring to how pwdump/fgdump extract the hash from the machine, not how to crack the password.


Yeah, I have always wanted to know how to get the hash from the computer; there is a lot on how to crack the hash.


I'm afraid I don't have the knowledge to furnish you with details about how the programs actually get the hashes from the file: I can tell you that the passwords / users file on a default WinXP install is: C:\WINDOWS\system32\config\sam

The SAM file is just a text file as far as I know, although Windows won't let you open it while Windows is running.

If you boot from a Linux live CD or similar with NTFS support you could open it up and have a look at it.

Or you could make a copy of the file with the Windows Recovery Console (there's an option for it when you boot from a WinXP CD).

Of course, you could use one of the programs you mentioned too :-P


Um, Irongeek did a bit on this; he used hashtabs. This created heaps of different hashes and you can choose which ones to show and which ones not to show.


I don't know if responding to older threads is a horrible sin and abomination against the trolls here, but I shall respond since I'm new, bored, and waiting to rip 18 CDs.

First: the program has to know where the target hash is located (i.e. the SAM file in Windows, as previously mentioned).

Second: you must know what hash method is used to generate said hash file. This can be accomplished with a good hour or so of guesswork (i.e. set the password to "bobyboy" and generate a hash from "bobyboy" using several different algorithms), or reduced to possibly fruitless reverse engineering if hashes are salted.

Third: generate and check hashes against the target until you get a match (and technically, it's possible to get two!).

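The second step in the last post, and its caveat about salting, as an added example that is not code from the thread or from any tool it mentions: a known password is hashed with several candidate algorithms and compared against an observed value, and the same check is then run against a salted record, where it finds nothing. The function names, the candidate algorithm and encoding lists, and the PBKDF2 parameters are assumptions chosen for illustration; the sample values are constructed.

```python
import hashlib
import os

# Fixed-output algorithms that hashlib always provides (assumed candidate list).
CANDIDATES = ("md5", "sha1", "sha224", "sha256", "sha384", "sha512")
# Byte encodings a system might apply to the password before hashing.
ENCODINGS = ("utf-8", "utf-16-le")


def identify_scheme(known_password, observed_hex):
    """Return (algorithm, encoding) pairs whose plain, unsalted digest of
    known_password equals observed_hex."""
    observed = observed_hex.strip().lower()
    matches = []
    for name in CANDIDATES:
        for enc in ENCODINGS:
            digest = hashlib.new(name, known_password.encode(enc)).hexdigest()
            if digest == observed:
                matches.append((name, enc))
    return matches


def salted_record(password, salt=None, iterations=100_000):
    """Constructed stand-in for a salted store: PBKDF2-HMAC-SHA256 with a
    random per-record salt. Returns (salt, hex digest)."""
    if salt is None:
        salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, derived.hex()


if __name__ == "__main__":
    password = "bobyboy"  # the known test password from the post

    # Constructed "observed" value: unsalted SHA-1 over UTF-16LE bytes.
    unsalted = hashlib.sha1(password.encode("utf-16-le")).hexdigest()
    print("unsalted:", identify_scheme(password, unsalted))

    # Two salted records of the same password differ, and neither matches
    # any plain digest, so the guesswork approach identifies nothing.
    _, first = salted_record(password)
    _, second = salted_record(password)
    print("salted records equal:", first == second)
    print("salted:", identify_scheme(password, first))
```

With a per-record salt and an iterated derivation, identical passwords no longer produce identical stored values, which is also what makes precomputed tables useless against such a store.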
