Jump to content

Help! Windows 7 Password


_m3x_
 Share

Recommended Posts

Hi, Srry if i post it in the wrong area but i search in the forum and no Luck.....

I'm trying to crack my windows 7 username password (yeah i know why? right) I was bored and decided to test my Password strength.. i have susefully cracked my password in the pass (WinXP)..

1.) I try using CHNTPW, but no luck. [ sudo chntpw -u User SAM ] and clear the password.. but When i log in the password is still there..

2.) I also try using Kon-Boot, No luck.. When i bot up the computer from the USB drive > Kon-Boot > from hd1 everything seems to be working well

but when its trying to load, i get a F***IN "BSOD" (personally am tired of the color Blue lol) > i get a BSOD saying that "error occurred while trying to write read only Memory.. or sumthing like that..

3.) i try using bkhive, and sambump2, and JTR..

Is it just me or Windows Up'd there security!!

Any suggestions? btw the password is a simple password [fkraiders]

Link to comment
Share on other sites

If you can't find tools for this on your own, then you don't need to have them. Kon-Boot should have worked unless you are using the 64-bit version of Windows 7.

Im running Windows 7 [32b]

Link to comment
Share on other sites

Tools for the SAM that work with XP probably won't work since they changed the way the hashes work starting with Vista. A Vista tool should work. How old is your version of Kon-Boot? I just used Kon-Boot on a Windows 7 machine a couple days ago and it worked fine. That is all the help I will give you.

Link to comment
Share on other sites

There is also Ophcrack that you could try. But if your password is longer than 8 characters and contains special characters, then it would be useless.

Link to comment
Share on other sites

There is also Ophcrack that you could try. But if your password is longer than 8 characters and contains special characters, then it would be useless.

ophcrack will work up to 14 characters with no issues, depending on the hash type, NTLM vs LM.

Edited by digip
Link to comment
Share on other sites

ophcrack will work up to 14 characters with no issues, depending on the hash type, NTLM vs LM.

Agree, it can crack up to 14 characters with no issues, but don't expect the rainbow tables size to be small.

For instance a table with the following charset, would be around 36.4GB in size. Plus generating a rainbow table this size would take some time, in addition it can only crack up to 7 characters, which would be ineffective if the OP's password is over 7 characters long and contains certain special characters.

Charset: 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ (including the space character)

Link to comment
Share on other sites

All you need to do is boot off bt5, dump the sam hashses, then google them. Majority of every password combination exists out there somewhere. Plenty of online crackers with search capabilities. I've been just entering MD5's lately into google, and its showing me the cracked hashes half the time. Same should work for windows hashes too, but if nto, just google for NTLM crackers, and they might have it in a table already.

Link to comment
Share on other sites

There is also Ophcrack that you could try. But if your password is longer than 8 characters and contains special characters, then it would be useless.

i try ed it already, Didn't work.. im just wondering why do i get a BSOD when booting with Kon-Boot..

Link to comment
Share on other sites

i found This on the Web...

"Because of the BIOS memory injection it appears to perform, some system BIOS’s may not be supported and could cause Kon-Boot to fail. So it isn’t a 100% success in all possible conditions. Also some users have said it BSOD their systems in various comments around the web. Some have even reported it nuked their systems for unknown reasons." Source

i guess am one of the lucky ones :)

Link to comment
Share on other sites

Another way to test how secure your password really is by brute forcing it with HashCat or looking up your hash on the internet as Digip suggested before.

Link to comment
Share on other sites

Another way to test how secure your password really is by brute forcing it with HashCat or looking up your hash on the internet as Digip suggested before.

Never used HashCat, but i am goin to try google-in the hashes thx for the replys..

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...